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Next Month 


WEB DEVELOPMENT 


Next month, LJ talks to Matt 
Mullenweg, founding developer of 
WordPress, about blogging, the 
evolution of his platform and his 
commitment to open source. We'll 
also have an introduction to Web 
development platform OpenLaszlo, 
and we'll look at creating a small, 
flexible content management sys- 
tem with PHP and TinyMCE. 


James Gray has been examining 
Linux's inroads on the enterprise 
desktop, and he'll cover the latest 
trends and discuss the most inter- 
esting implementations to date. 


As always, there’s much more. 
Alolita Sharma reviews some cur- 
rent state-of-the-art digital TV 
tuner cards to evaluate how well 
they support digital television in 
Linux. And Kyle Rankin provides a 
head-to-head comparison between 
a standard laptop hard drive and a 
solid state model for those of you 
thinking of making the switch. 


USPS LINUX JOURNAL (ISSN 1075-3583) (USPS 12854) is 
published monthly by Belltown Media, Inc., 2211 Norfolk, Ste 514, 


8 LETTERS 


OVER A WIRELESS BRIDGE 
Setting up a thin-client 
network, and some useful 


Houston, TX 77098 USA. Periodicals postage paid at Houston, 
Texas and at additional mailing offices. Cover price is $5.99 US. 
Subscription rate is $29.5O/year in the United States, $39.50 in 
Canada and Mexico, $69.50 elsewhere. POSTMASTER: Please 
send address changes to Linux Journal, PO Box 980985, 
Houston, TX 77098. Subscriptions start with the next issue. 
Canada Post: Publications Mail Agreement #41549519. 
Canada Returns to be sent to Bleuchip International, P.O. Box 
25542, London, ON N6C 6B2 


[12 UPFRONT 
[40 NEW PRODUCTS 


operation/administration tools. 


Ronan Skehill, Alan Dunne 
and John Nelson 


4| june 2008 www.linuxjournal.com 


OUTRAGED 


by the high cost of 


Fibre Channel 
or iSCSI Storage)? 


SwitchitovAoE! 


SR2461 
| 


Coraid Offers a Complete Line 
of Clustered Modular Storage Products: 


+ High Performance EtherDrive® SATA+RAID Storage 
Appliances with 1 GigE or 10 GigE Connections 


* Clustered VirtualStorage™ Appliances 
(a Revolutionary Logical Volume Manager) 


+ Scalable NAS Gateways 
(File Sharing with EtherDrive® Storage) 


EtherDrive® Storage has a 
field-proven track record and 
is 1000+ large data storage 
customers strong. 


49. Ps 
dete CONFERENCE & ERPO 


To learn more about this and Coraid's other products, go online or call 


+1.706.548.7200 (toll free: 877.548.7200) 


Coraid's EtherDrive® Storage with AoE is fast, 
reliable disk storage that's easy to use. And it's 
much more affordable than iSCSI or Fibre Channel! 


+ Coraid products use open AoE (ATA-over-Ethernet) block storage 


protocol, for high performance without the TCP/IP overhead 


+ With AoE, your shared storage capacity is infinitely scalable — 


at a fraction of the cost of iSCSI or Fibre Channel storage 


+ We provide a 3-year warranty and free firmware upgrades on 


all our products, as well as support from first-rate engineers 
trained in our technology 


gCORAID ? 


The Linux Storage People 


www.coraid.com 


JOURNAL 


Since 1994: The Original Magazine of the Linux Community 


Digital Edition 
Now Available! 


Read it first 
Get the latest issue before it 
hits the newsstand 


Keyword searchable 
Find a topic or name 
in seconds 


Paperless archives 
Download to your computer for 
convenient offline reading 


Same great magazine 
Read each issue in 
high-quality PDF 


Trv a Samonla Tee 


ey A 


www.linuxjournal.com/d ‘alte 


kA Ae. Serna 


JOURNAL 


Executive Editor Jill Franklin 
jill@linuxjournal.com 
Senior Editor Doc Searls 
doc@linuxjournal.com 
Art Director — Garrick Antikajian 
garrick@linuxjournal.com 
Products Editor James Gray 
newproducts@linuxjournal.com 
Editor Emeritus — Don Marti 
dmarti@linuxjournal.com 
Technical Editor —= Michael Baxter 
mab@cruzio.com 
Senior Columnist — Reuven Lerner 
reuven@lerner.co. il 
Chef Frangais = Marcel Gagné 
mggagne@salmar.com 
Security Editor = Mick Bauer 
mick@visi.com 


Contributing Editors 
David A. Bandel ¢ Ibrahim Haddad ¢ Robert Love * Zack Brown ¢ Dave Phillips * Marco Fioretti 
Ludovic Marcotte ¢ Paul Barry « Paul McKenney ® Dave Taylor © Dirk Elmendorf 


Proofreader — Geri Gale 


Publisher — Carlie Fairchild 
publisher@linuxjournal.com 


General Manager Rebecca Cassity 
rebecca@linuxjournal.com 


Director of Sales — Laura Whiteman 
jaura@linuxjournal.com 
Regional Sales Manager —_Joseph Krack 
joseph@linuxjournal.com 
Regional Sales Manager _Bruce Stevens 
ruce@linuxjournal.com 


Circulation Director lark Irgang 
mark@linuxjournal.com 


System Administrator itch Frazier 
sysadm@linuxjournal.com 
Webmistress — Katherine Druckman 
webmistress@linuxjournal.com 


Accountant = Candy Beauchamp 
acct@linuxjournal.com 


Linux Journal is published by, and is a registered trade name of, Belltown Media, Inc. 
PO Box 980985, Houston, TX 77098 USA 


Reader Advisory Panel 
Brad Abram Baillio ¢ Nick Baronian Hari Boukis ¢ Caleb S. Cullen * Steve Case 
Kalyana Krishna Chadalavada ¢ Keir Davis ¢ Adam M. Dutko * Michael Eager ¢ Nick Faltys « Ken Firestone 
Dennis Franklin Frey ¢ Victor Gregorio * Kristian Erik ¢ Hermansen e Philip Jacob ¢ Jay Kruizenga 
David A. Lane ¢ Steve Marquez * Dave McAllister ¢ Craig Oda # Rob Orsini ¢ Jeffrey D. Parent 
Wayne D. Powel * Shawn Powers ¢ Mike Roberts ¢ Draciron Smith ¢ Chris D. Stark ¢ Patrick Swartz 


Editorial Advisory Board 
Daniel Frye, Director, IBM Linux Technology Center 
Jon “maddog” Hall, President, Linux International 
Lawrence Lessig, Professor of Law, Stanford University 
Ransom Love, Director of Strategic Relationships, Family and Church History Department, 
Church of Jesus Christ of Latter-day Saints 
Sam Ockman 
Bruce Perens 
Bdale Garbee, Linux CTO, HP 
Danese Cooper, Open Source Diva, Intel Corporation 


Advertising 
E-MAIL: ads@linuxjournal.com 
URL: www.linuxjournal.com/advertising 
PHONE: +1 713-344-1956 ext. 2 


Subscriptions 
E-MAIL: subs@linuxjournal.com 
URL: www.linuxjournal.com/subscribe 
PHONE: +1 713-589-3503 
FAX: +1 713-589-2677 
TOLL-FREE: 1-888-66-LINUX 
MAIL: PO Box 980985, Houston, TX 77098 USA 
Please allow 4-6 weeks for processing address changes and orders 

PRINTED IN USA 


LINUX is a registered trademark of Linus Torvalds. 


EAC © ABERDEEN 
“ONE POWERFUL BEAST... 


THIS IS A COMPANY TO WATCH” 


PC Magazine — February 2008 


“Companies like Aberdeen not only give better hardware- 
to-dollar value but ship servers in very 
specific configurations.” 


“The Aberdeen Stirling 229 2U is a 
hardware Clydesdale with excellent 
benchmark test numbers, a five-year 
warranty, and a 30-day money-back 

guarantee.” 


“Loads of hardware options. Highly flexible 
configuration. Good price. Thirty-day money- 
back guarantee.” 
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“The company offers the only five-year server 
warranty (strictly mail-in, though) I've ever 
heard of. It also has a program called Aberdeen 
CARES, which allows customers to purchase a 
custom-built server, try it out for 30 days, and 


Featuring: a return it for a full refund if not completely satisfied.” 
¢ Intel® 5400 “Seaburg” Chipset with PCI-E Gen 2.0 Support 
- Provides support for faster processor, bus, and I/O speeds to “And, make no mistake about it, the Aberdeen Stirling 229 


enhance performance in demanding computing environments 
¢ Up to two Quad-Core or Dual-Core Intel® Xeon® processors with 
up to 1600FSB (Harpertown/Clovertown/Wolfdale/Woodcrest) “Aberdeen has added its own KVM-over-LAN feature—a 
¢ Dual Independent Bus provides independent point-to-point inter- nice convenience.” 
connects between each of the processors and the chipset. 
* 800 / 667 / 533 ECC Fully Buffered FBDIMM Memory “On Geekbench, the Stirling returned a whopping overall 


- Allows use of new lower power 1.5V FBDIMM score... screaming... terrific price and a solid product.” 
* Supports both SAS and SATA drives = a P FP 


¢ Intelligent Platform Management Interface 2.0 “This is a company to watch!” 
° 5-Year Warranty 


I tested is one powerful beast.” 


PC Magazine — February 2008 


ABERDEEN STIRLING 129 ABERDEEN lle 229 ABERDEEN STIRLING 429 


1U 4TB High Performance Server 2U Extreme Performance Workhorse 4U Heavy Duty Server w/Flexible Design 
¢ Dual Quad-Core Intel Xeon Processors E5462 (2.8GHz As reviewed in PC Magazine: ¢ Dual Quad-Core Intel Xeon Processor E5472 (3.0GHz 
1600FSB 12MB) ¢ Dual Quad-Core Intel Xeon Processor X5482 (3.2GHz 1600FSB 12MB) 
* 2GB ECC DDR2 800MHz FBDIMM (2 x 1GB) up to 64GB 1600FSB 12MB) * 8GB ECC DDR2 800MHz FBDIMM (4 x 2GB) up to 128GB 
* 4TB Storage (4 x Hitachi A7K1000 1TB SATA Hard Drives) ¢ 4GB ECC DDR2 800MHz FBDIMM (4 x 1GB) up to 128GB ¢ 8TB Storage (8 x Hitachi A7K1000 17TB SATA Hard Drives) 
¢ Areca ARC-1210 PCI Express SATA RAID Controller ¢ 8 x SATA/SAS Hot Swap Hard Drive Bays ¢ Areca ARC-1220 PCI Express SATA RAID Controller 
* Supports 2 x Full-Height and 1 x Low Profile Expansion Cards * 584GB Storage (4 x Seagate Cheetah 146GB 15K SAS Drives) * 2 x 5.25" Peripheral Drive Bays, 1 Floppy Drive Bay 
* 650W High-Efficiency Redundant Power Supply ¢ LSI MegaRAID 8888ELP SAS RAID Controller May be used as either 4U Rackmount or Tower 
° 5-Year Warranty ¢ Supports 7 x Low Profile Expansion Cards ¢ Supports 7 x Full-Height Expansion Cards 
¢ 700W High-Efficiency Redundant Power Supply ¢ 800W High-Efficiency Redundant Power Supply 
+ 5-Year Warranty ¢ 5-Year Warranty 
55,399 $7,399 $8,399 


Intel, Intel Logo, Intel Inside, Intel Inside Logo, Pentium, Xeon, and Xeon Inside are trademarks or registered trademarks of Intel Corporation or its subsidiaries in the United 
States and other countries. PC Magazine is copyrighted by Ziff Davis Publishing. For terms and conditions, please see www.aberdeeninc.com/abpoly/abterms.htm. 1j025 888-297-7409 


www.aberdeeninc.com/1j025 


letters 


PXE Server 
and Boot Kickstart 
images 


‘ES [TT 


Correction 

In my article “Security Features in Ubuntu” 
(U, March 2008), | incorrectly characterized 
Novell AppArmor as “an implementation 
of Type Enforcement”. But, as | myself 
explained in my earlier article “An 
Introduction to Novell AppArmor” (LJ, 
August 2006), AppArmor represents an 
approach to mandatory access controls 
that is fundamentally and deliberately 
different from Type Enforcement's, 
though they serve very similar purposes. 
| apologize both for the mistake and the 
self-contradiction. 


Mick Bauer 


Wine Recommendation 

| especially enjoyed Marcel Gagné’s March 
2008 Cooking with Linux column. My 
wife and | discovered the Collavini Villa 
Canlungo Pinot Grigio on a trip to Italy, 
and it has become one of our favorites. | 
went to the cellar recently only to discover 
that we had finished the last of our Villa 
Canlungo, but we did have a few bottles 
of 1998 Torciano Baldassarre. | was able 
to finish the article while savoring a glass 
of Baldassarre instead. A glass of fine 
wine makes the Linux even smoother. 


Glenn A. Scherb 


Floating-Point Simplicity 
Joao Macedo wrote a letter, published 
in the January 2008 issue of LJ, in which 


8| june 2008 www.linuxjournal.com 


the following one-liner was presented: 
$ echo 'scale=4%J11/7' | be 


Joao explained that, “the “J is obtained 
by issuing Ctrl-V + Ctrl-J.” 


AJ is the keystroke that produces the 
ASCII LF (line feed) character, which 
UNIX (and, thus, Linux) uses as a line 
terminator. Rather than embed LF in 
the text, I'd like to suggest the following 
as a better alternative: 


$ echo -e ‘scale=4\n11/7' | bc 


David Newall 


Why on Earth? 

I'm writing in connection with the article 
“The Best of Both Worlds”, by Dashamir 
Hoxha, which appeared in the February 
2008 issue of LJ. As the author says Linux 
is his favorite operating system, | can’t 
clearly see why he chooses to run it in a 
virtual machine running on Windows XP. 
Why should Linux have its performance 
undermined by running on a VM? Why is 
Linux stability conditioned by Windows 
XP's stability? And finally, what's the rea- 
son for the title of the article? Is this com- 
bination really the best of both worlds for 
a Linux user? | have been working with 
UNIX environments and then also Linux 
environments for more than 20 years, 
and honestly, | use Windows only when | 
have no other choice. 


Exactly in the same situation, some years 
ago when | bought a 1GB RAM Lenovo 
T6OP notebook with preinstalled 
Windows XP, | kept Windows only for 
the time necessary to check that all the 
hardware was working correctly. Then, 

| installed my favorite distribution, which 
is Kubuntu, and then | installed QEMU 
(with kqemu) to run Windows XP, in 
order to be able to test software for my 
clients or access some home banking site 
that works only with Internet Explorer. 


Setting aside the fact that | do not 
understand the choice for a Linux user of 
running Linux over Windows, the devel- 
opment of the article was very interesting 
and illustrative, especially in connection 
with the networking configuration. 


A last remark, if my friends or colleagues 
want to use my notebook, they know 
they have to use Linux. This has dis- 
couraged some and has revealed a 
very attractive environment for others. 


Norberto 


A More Elegant Solution 

In the Letters section of the April 2008 
issue of LJ, Mike Henders gave three 
possible shell scripting solutions for Dave 
Taylor's use of inline Perl to get the ordinal 
value of a letter [see Dave's January 2008 
Work the Shell column]. Well, | don’t have 
much use for ordinal values in my daily 
life, but | found his examples interesting. 
However, | didn’t care for the loop he 
used in Solution 1, nor did | like the math 
he resorted to in Solution 3 in order to 
deal with the spaces in the string. 


But, Mike's use of an array in Solution 
1 and his use of a variable length 
string in Solution 3 gave me the idea 
to combine the two—create a variable 
length array and, thus, a more elegant 
solution (my opinion). 


First, initialize the array like before, but 
leave out Mike's place holder (he used a 
0). At the same time, make it a variable 
length array by letting the value of $letter 
determine the last element of the array: 


LETTERS=($(eval echo {a..$letter})) 


Now the ordinal value (of the letter 
in $letter) is equal to the number of 
elements in the array: 


ordvalue=${#LETTERS [*] } 


Francois Visser 


Not Just Canadian 

I'm a Canuck living in the great white 
north and have to respond to the 
mention of tonne as Canadian for ton 
in James Gray’s article “Go Green, 
Save Green with Linux” in the April 
2008 issue of LJ. Here in Canada, we 
use the metric system, which is inter- 
national and to which a vast majority 
of countries subscribe. A tonne is 
equal to 2,200 lbs. (Umm, American 
pounds, that is.) | enjoy reading LJ, 
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and keep up the good work. 


Rick Martin 


Always a Learning Experience 
| enjoyed reading the April 2008 issue 
of LJ. | particularly wanted to check 
out Kyle Rankin’s article “PXE Magic: 
Flexible Network Booting with Menus”. 


| have a Fedora 8 server that | use as my 
main SOHO server. | wanted to try the 
steps from the article so | could have the 
advantage of the utilities and the expe- 
rience of doing it. So far as the doing, | 
guess | succeeded, because figuring out 
someone else’s errors/omissions is 
always a good teacher. 


Kyle Rankin wrote a great article that 
is certainly foundational and even 
inspirational, but it is missing essential 
information. It was easy to set up TFTP 
and NFS, tweak my dhcpd.conf file, 
and open the firewall suitably to get 
this working. | now have a crude PXE 
bootable menu that lets me select a 
local disk boot (in case | don’t want 
the PXE boot) and a memtest86+ and 
a Knoppix 5.1 network boot. | look 
forward to exploring other options to 
add to this, so that | can network boot 
disk imaging software for backups and 
Linux network install tools, such as 
Kickstart and more. 


Where Kyle fell terribly, terribly short 
was that for a Knoppix rescue load, 
he tells you to go to the Knoppix 
CD-ROM and fetch the minirt.gz and 
vmlinuz files from the boot/isolinux 
directories. Put them in your /tftpboot 
directory and you're golden! Not! 
Major omission! After many hours of 
only partial boots with Knoppix (it 
never would find/mount the Knoppix 
NFS share), | came to realize that 
Knoppix cannot finish its boot, 
because it cannot NFS-mount the 
Knoppix CD-ROM files from the boot 
server, because the kernel loaded via 
PXE is not network-enabled! The basic 
kernel fetched from the CD-ROM 
merely loads, and lets the rest of the 
system startup load and start the net- 
work. When network booting, the NIC 
card needs to be enabled during the 
processing of minirt.gz (it has NIC card 
modules therein and can load them 
and enable the network). Hence, it 
then can mount the NFS filesystem 


and find the Knoppix CD-ROM files 
and finish booting as expected. 


The solution is, you get the “network- 
enabled” vmlinuz and miniroot.gz files 
by first booting to Knoppix and then 
drilling into the menu to start the 
Knoppix Terminal Server where it pro- 
vides a setup dialog. You select (take 
the defaults) various NIC card drivers to 
include and let it configure the service. 
Apparently, Knoppix generates these 
files based on your selections. Then, 
you start a shell window and cd to 
/tftpboot and use scp to copy the gen- 
erated miniroot.gz and vmlinuz files off 
to your boot server, replacing the ones 
Kyle initially tells you to fetch. Once | 
got those files and put them into my 
boot server, my HP laptop network 
booted, and | selected Knoppix, and it 
proceeded to boot as fast as | could 
have expected. Applications seem to 
load and operate very responsively, etc. 
The system behaves just like it booted 
from the CD-ROM, but faster. 


Although | would have liked to per- 
form the steps accurately from the 
article to get this working, no such 
luck! However, | learned a lot along 
the way. | hope this feedback helps 
any other readers that had the 
same failures as | did and wanted 
to benefit from this article. 


Keith Schneider 


Kyle Rankin replies: You are absolute- 
ly right. The miniroot.gz and kernel 
from the isolinux directory on the 
CD-ROM do not match the files in the 
/tftpboot directory. Traditionally, when 
| have added Knoppix to my PXE boot 
environment, it has been via the files 
the Knoppix Terminal Server created 
(leven mention grabbing the files from 
/tftpboot in my book Knoppix Hacks), 
but in this article, | was trying to save 
the reader the extra steps of booting 
Knoppix and running the script, so | 
made the mistaken assumption that 
Knoppix used the same miniroot and 
kernel from the isolinux directory for its 
Terminal Server. I’m really sorry my mis- 
take made you jump through a lot of 
extra hoops. Thanks for the feedback. 


Submit Letters to the Editor at 
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There have been 
some very interesting 
changes in the way 


diff -u 


WHAT'S NEW the kernel is devel- 
IN KERNEL oped lately. In a 
DEVELOPMENT  ontinuing effort to 


keep contributors 

enthusiastic about participating in kernel 
development, Linus Torvalds announced 
he’s willing to accept less-polished driver 
code. Actually, this affects code through- 
out the kernel, but it particularly affects 
driver code, because if a driver breaks, it 
probably won't cause problems anywhere 
else in the kernel. There are several bene- 
fits to making this change. For one, as 
Linus has pointed out, accepting code into 
the kernel makes it easier for others to 
find bugs and submit fixes. Keeping code 
out means that the developers must work 
more in isolation and get less help from 
those potential contributors. Another 
benefit is that strict code submission 
requirements can have a depressing 
effect on developers. In the even/odd 
stable/unstable version-numbering days, 
developers went through a lot of pain dur- 
ing the stable development cycle, because 
it's just more fun to write new code than 
to fix bugs. The transition to the 2.6 kernel 
and to a permanent phase of development 
meant that this recurring period of 
frustration was gone. But, there was still 
a lot of focus on ensuring that code was 
up to snuff before it could be accepted. 

With the creation of the new stable 
series that did not interrupt 2.6 develop- 
ment but just ran alongside, the stage really 
has been set for some kind of move like 
this from Linus for some time. But, there 
certainly will be large repercussions during 
the coming months. For one, people who 
have taken it upon themselves to keep the 
kernel clean, remove old code, fix odd bad- 
ness and so on will have a much tougher 
job of it now. Adrian Bunk is one of these, 
but there are others as well, and it'll be 
harder for them or anyone else to make the 
kind of progress they’ve been making lately. 

Another repercussion has already 
occurred—the creation of the “Linux 
Next” git tree. It's a tree for subsystem 
maintainers to sync their code every day, 
so that any conflicting patches are identi- 
fied and resolved quickly. The issue of 
subsystem conflicts actually has existed 


for a while now, but Linus’ new code- 
acceptance policies pushed Andrew 
Morton over the edge and made him start 
asking for volunteers to maintain a “Linux 
Next”-type thing. The problem is that 
subsystem updates don’t just touch code 
within the subsystems themselves, they can 
include patches to many other parts of the 
kernel. So, whenever Linus would open up 
a new merge window, there would be 
many patch conflicts, and the maintainers 
would run around fixing them before they 
could get their code in through the win- 
dow. With the new easier acceptance 
policies, this problem would have gotten 
worse. It was already driving the subsystem 
maintainers crazy. Using Linux Next, they 
merge their trees on a daily basis without 
having to wait for Linus, so all conflicts are 
identified right away, and folks have more 
time to fix them, instead of having to try to 
fix everything at the last minute, with no 
prior knowledge of any breakage. With 
Linux Next, as soon as the merge window 
opens, all the subsystem trees can be 
accepted into the main tree at once, with 
far less hassle. 

Stephen Rothwell has volunteered to 
maintain the Linux Next tree, and so far, 
dozens of subsystem maintainers have 
joined it. There still are plenty of problems 
with Linux Next that need resolving. For 
example, the order in which the trees are 
merged is significant, because any trees 
that give conflicts will be rejected, and the 
maintainer of that tree will be expected to 
fix the conflict. Because trees merging ear- 
lier are unlikely to see any conflicts, as they 
merge against a more pristine tree, this 
means that trees merging later will be 
arbitrarily responsible for fixing the patch 
conflicts. Andrew’s solution to this is to 
rank each subsystem by importance and 
merge in that order. The question of which 
subsystems are most important then 
becomes a political issue, with the poten- 
tial for in-fighting and bitterness. | expect 
some more elegant solution to emerge, 
unless it turns out that subsystem rankings 
are very obvious to everyone involved. 

Andrew's larger goal with Linux Next 
is to increase visibility into the code that 
goes into the kernel, so that Linus’ new 
looser restrictions on patch submissions 
still will allow kernel folks to scrutinize 
those submissions after the fact, to identify 
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what needs to be cleaned up and decide 
where the most developer attention 
should be diverted. It’s likely that Andrew 
and others will continue coming up with 
ideas to implement this increased visibility 
over time. In terms of the average Linux 
contributor, however, Linus’ new policies 
herald a new period of freedom, as well 
as the chance for many of them to react 
to feedback from users, at a level they 
may not have experienced previously. 

Samuel Thibault has written a driver 
for the VisioBraille device. Because the 
code is at the driver level and not in user 
space, it is intended, in this case, to handle 
situations where user-space Braille drivers 
would not be effective—for example, dur- 
ing boot failures. Early in the boot process, 
user processes can’t run, but blind users 
still might want to read the failure mes- 
sages and report bugs back to the kernel 
developers. The patch itself is apparently 
fairly ugly, but Andrew Morton at least 
was unable to find a way to improve it. It’s 
likely to go into the kernel very soon. 

Daniel Phillips has written Ramback, 
a new virtual block device with the speed 
of a RAM disk and the data persistence of 
a hard drive. Users see a regular filesys- 
tem, but all file activity is done in RAM 
and then quietly mirrored to a hard disk 
back end. Daniel has measured a 25-fold 
speed increase with this approach. The 
gotchas all tend to center around how 
and when the data migrates from RAM to 
the hard disk. Daniel’s approach has been 
to focus on the behavior during clean 
shutdowns and restarts, but there is still 
a big gray area regarding what happens 
when the system crashes. Daniel is very 
excited about the possibilities for a really 
fast user experience, but acknowledges 
that there are still a lot of technical 
problems, and that people shouldn't be 
storing their data in Ramback just yet, 
unless they want to help debug and 
develop it. The biggest critic of Daniel's 
patch seems to be Alan Cox, who 
questions whether a virtual device even is 
needed. He suggests a simple RAM disk, 
with a user daemon that saves everything 
to disk on a periodic basis. So, it’s 
unclear whether Ramback will make it 
into the kernel. Although with Linus’ new 
acceptance policies, who knows? 

—ZACK BROWN 
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1. Millions of people who access the Internet 
every day from a cyber café: 500 


2. Number of Linux-based Web hosting services 
in Netcraft's top 20: 21 


3. Number of Linux-based Web hosting services 
in Netcraft's top 25: 13 


4. Number of Linux-based Web hosting services 
in Netcraft's top 10:5 


5. Number of Linux-based Web hosting services 
in Netcraft's top 1: 1 


6. Number of open-source (Linux, BSD, Solaris, 
F5 Big-IP) OS-based Web hosting services in 
Netcraft’s top 50: 29 


7. Number of Windows-based hosting services 
in Netcraft's top 50: 12 


8. Linux percentage growth year over year in 
the North American POS (point-of-sales/service) 
terminal market: 32 


9. Millions of dollars in latest year of Linux 
POS sales in North America: 475 


10. Position of cost among the top IT concerns 
in Australia: 1 


11. Minimum billions of dollars to be spent 
annually on SMB (small/medium business) 
technology in 2012: 615 


12. Billions of dollars spent annually by the IT 
industry to reach and influence buyers: 174 


13. Predicted annual Linux server sales, in billions 
of dollars, predicted in 2004 for 2008: 9.1 


14. Billions of dollars spent on Linux servers in 
Q4 2007: 2 


15. Billions of dollars spent on UNIX servers in 
Q4 2007: 5.2 


16. Billions of dollars in combined Linux/UNIX 
server sales in Q4 2007: 7.2 


17. Billions of dollars spent on Windows servers 
in Q4 2007: 5.7 


18. Linux server sales growth rate percentage in 
Q4 2007: 11.6 


19. Percentage growth in server blade sales in 
Q4 2007: 54.2 


20. Billions of dollars Sun Microsystems paid for 
MySQL: 1 


1: Jooce.com | 2-7: Netcraft.com, 
for February 2008 | 8, 9: IHL Group, via 
Linux Devices | 10-19, IDC, via TechRepublic, 
ITJungle, BetaNews, IDC and HitsLink 
20: San Jose Mercury News 
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Eee PC Gets an Upgrade 


ASUS's little Eee PC notebook (or 
UMPC, Ultra-Mobile PC) computer, 
which has sold hundreds of thou- 
sands of units since hitting the streets 
late last year—and which ASUS 
expects to sell up to 5 million of in 
2008—is getting a bit more capable. 
At CeBIT in March, ASUS unveiled the 
Eee PC 900. Improvements over the 
original (G4) include an 8.9" WSVGA 
(1024 x 600) display (the original was 
800 x 400 WVGA), 8GB or 12GB SSD 
storage (up from 4GB) and 1GB of 
RAM (up from 512KB). Other than 
that, everything else is pretty much 
the same. It’s still only two pounds, 
features three USB ports, card read- 
ers, wireless (802.11b/g) and wired 
Ethernet, a Webcam and a claimed 
battery life of up to four hours. It is 
due for release this summer, reportedly 


LinuxJournal.com 


There are many ways to enjoy Linux 
Journal on-line. Follow us on Twitter, 
become a fan on Facebook, and join 
our Flickr pool. Links to these sites 
can be found on our home page. 
Would you like to connect with 
Linux Journal through other on-line 
networks? Send your suggestions to 
webmistress@linuxjournal.com. 

As always, LinuxJournal.com offers 
Web-only articles and blogs that keep 
us all up to date on current issues in the 
Linux community. Glyn Moody regularly 
inspires conversation by blogging the 
politics of open source with discussions 
on large companies like Dell and 
Microsoft, intellectual property and 


USER FRIENDLY by J.D. “Iliad” Frazer 


1S THAT...? WOW! IS THAT 
A TERABY TE OF RAM? 


YEP! AND IF I 
USE RAMBACK, I 
CAN HAVE A HUGE 
RAMDISK/ 


COPYRIGHT: 2008 2.0, “Vithew™ Franner WTTR/ /W WW AERPRIENDLTORG/ 


OR, I COULD RUN A WHOLE 
BUNCH OF VIRTUAL MACHINES, 
AND HAVE FUN WITH THAT... 


/ 


at a price of 399 Euro, or whatever 
that costs in the US when you read 
this. It’s an increase over the original 
model price. That one, at press time 
(March), was running mostly in the 
mid-$300 (US) range at on-line stores. 
Oh, and they’re “Windows-ready” , 
but that OS costs extra. Linux still 
comes standard on the base model. 


Resources 


l™ ASUS Showcases Expanded Eee PC Family 
of PCs at CeBIT 2008: eeepc.asus.com/ 
global/news03042008.htm 


™ Linux-Powered Mini-Laptop Gets Larger 
Display: linuxdevices.com/news/ 


NS5536771397.html 


—DOC SEARLS 


other issues relevant to the Open 
Source community. Doc Searls offers his 
perspective on topics such as on-line 
privacy, social media and open source in 
business. There is always a lively discus- 
sion on Doc's blog, and we invite you to 
add your perspective. 

We also invite you to stay current 
with new content at LinuxJournal.com 
by subscribing to our RSS feeds. 
Whether you are interested in our 
front page content, news stories, 
videos or specific topics only, you can 
customize your reading preferences 
with the feeds of your choice at 
www.linuxjournal.com/rss_feeds. 

—KATHERINE DRUCKMAN 
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UPFRONT 


Bravia for the GPL 


A few months back, Peter Semelhack 
of Bug Labs mentioned to me that his 
new Sony Bravia flat-screen TV came 
with some interesting paperwork: a 
statement about GPL'd software. As 
it happened, we also own a Bravia 
flat-screen. Sure enough, when | 
looked at the pile of paperwork that 
came with it, there was a large folded 
sheet covered with small type titled 
REQUIRED PUBLIC STATEMENT FOR 
GPL/LGPL LICENSED SOFTWARE USED 
IN THIS TELEVISION. Above almost 
four pages containing the full text 

of the GPL v.2 and the LPGL v.2.1 
licenses, Sony says: 


The following GPL executables 
and LGPL libraries are used 

in this product and are subject 
to the GPL/LGPL License 
Agreements included as part 
of this documentation: 


GPL EXECUTABLES: 

° ontaVista Linux kernel 
e BusyBox 

e insmod 


LGPL LIBRARIES: 
ibuCibc.so 
d.so 

ibc.so 
ibn.so 
ibgcc_s.so 
ibstdc++.so 


Source code for these executa- 
bles and libraries can be 
obtained using the following 
link: www.sony.com/linux. 

That link leads to a simple page 
with links to code behind four prod- 
uct categories: 

Bravia Internet Video Link 

Television 

Set-top Box 


LocationFree TV 


The Bravia link leads to .tgz files for 
these hunks of code: 


Linux kernel 
BusyBox 
uClibe 

zlib 

curl 

libpng 
freetype 
openssl 


The Television link leads to a list of 
TVs made in the last five years: 


10 in 2003 
16 in 2004 
22 in 2005 


40 in 2006 


54 in 2007 


| bought our TV, a KDL-40XBR2, in 
November 2006, and found it in the 
2006 list. When I click on that link, | 
get to the Open Source Code 06 sec- 
tion of Sony's “Open Source Code— 
English” page. There, | see that my 
TV runs on the ATI GTX Linux kernel, 
which is a blue link that starts down- 
loading the source code when | click 
on it. 

I'm no hacker, so | probably won't 
do anything funky with our television. 
(More capable friends are welcome, 
family permitting.) Instead, I'll sit con- 
tent to know there’s one more Linux 
device in our house, and that clearly 
we're moving toward GandhiCon IV. 
That's the last stage suggested by 
Mohandas Gandhi's famous state- 
ment, “First they ignore you, then 
they laugh at you, then they fight 
you, then you win.” 

Of course, if we've won, that means 
that Linux in the TV is a feature and not 
a buried host for functions. How long 
before that happens? 

—DOC SEARLS 


Can Linux and 
Windows Ever 


Linux Makes Phones a same 
Even Cheaper angen: 


Purple Labs, a company 3G phones while reducing 
based in France with a investment". 

multinational management The latest of these is 
team, is pushing Linux Purple Magic, which Purple 


mobile phones outward in Labs calls a "reference NIS, PAM, pee 
capabilities and downward design" for "the 1st sub- etc/passwd Kerberos 
in price. $100 3G Linux feature 
Positioned as "the only phone". Features include 
independent software ven- F mw music playback, Internet 
dor with a complete Linux —— browsing, video telephony 
solution for mass-market = oO = | and video streaming, in 
3G phones", Purple Labs a £ addition to plain-old cell 
pushes its customers to = ee phone service. 


"replace their legacy RTOS 
with a flexible and scalable the picture, it doesn’t look 
Linux platform, accelerating bad, either. 

development of feature-rich —DOC SEARLS 


And, as you can see from 
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Here’s One 
Word They Both 
Understand: 


They Said It 


Some people think innovation in First, companies have to 
technology is about how hard it decide: either they're in or 

is to implement, or how long it they're out. You either make 
took, or how complex it is, or meatballs, or you're part of 
convoluted. They see innovation this new regime. But if you 
as wizardry. | see it differently. only want to use the regime 
I'm impressed by the ratio of to just sell more [meatballs], 
functionality to complexity. | you're going to fail. 

like that number to be as big 
as possible, because the less 
complex it is, the fewer moving 
parts, the less likely it is to 
break, and the easier it will be 
for others to build on the idea. 


© centrify: 


—Seth Godin, www.usnews.com/articles/ 
business/best-in-business/2008/01/10/ 
selling-in-a-post-meatball-era.htm| 


Patents act as a tax, 
—Dave Winer, www.scripting.com/stories/ an innovation tax. 
2008/02/18/theSimplestPodcastApiEver.html 


Active Directory-centric 
authentication, access 
control, and password 
management for Linux, 
UNIX and Mac OS 


—James Bessen, co-author of Patent 
Failure, from a talk at the Berkman Center, 
March 3, 2008 


Since 9/11, approximately 
three things have potentially 
improved airline security: 
reinforcing the cockpit doors, 
passengers realizing they have 
to fight back and—possibly— 
sky marshals. Everything else— 
all the security measures that —Albert A. Bartlett, PhD, Emeritus 

affect privacy—is just security Professor of Physics, University of Colorado, 
theater and a waste of effort. www. youtube.com/watch ?v=F-QA2rkpBSY 


The greatest shortcoming 
of the human race is the 
inability to understand the 
exponential function. 


—Bruce Schneier, www.schneier.com/blog/ 
archives/2008/01/security_vs_pri.html 


—DOC SEARLS 


Visit us at: 
www.centrify.com/speak 
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What Are They Using? 


| was celebrating Leap Day (February 29) 
at a London pub with Mark Antony 
Kent, Head of Technology Strategy at 
British Telecom, hoping also to pump 
his brain for insights to follow up on a 
contentious FCC hearing at Harvard 
earlier that week—one convened to visit 
issues around Comcast's valving of 
BitTorrent traffic. Mark is both a telecom 
and Internet veteran of long standing, 
and he’s full of exciting ideas about how 
to work around the congestion issues 
that got Comcast into so much trouble. 
In the midst of this, | learned that Mark 
was coincidentally a veteran Linux hacker 
who also packed a lot of lightweight Linux 
iron around with him. When he began 
pulling some of this stuff out and showing 
me what it did, | pulled out my little 
Canon camera to record his ad hoc demo 
(which later made a nice little podcast) and 
to document details | could share here. In 
brief, here’s the gear he talked about and 
how he uses it: 


1. EfficientPC generic Linux box. His 
came with a MythTV PCI card that 
comes with its own digial TV tuner 
and a remote control. “| just plugged 
it in and it works”, Mark said. Signals 
he picks up from the BBC and other 
sources are recorded here, where he 
downcodes with... 


2. MEncoder, a free GPL'd command- 
line tool for downloading, encoding 
and filtering for video. The resulting 
files are then transferred to his... 


3. Nokia N800 UMPC (ultra-mobile 
PC). Here, he stores the shows on 
a Flash card. The N800 has two 
slots for these, one inside and one 
on the bottom. He uses one for 
video and the other for audio. He 
showed me a Father Ted show he 
had recorded, which the N800 
organizes with the amazing... 


4. Canola media center, which plays 
beautifully through MPlayer, complete 
with stereo sound through its little 
speakers or through a headset. Mark 
fills up several cards with video and 
does his telly watching on the train, 
on a screen far bigger than that of, 
say, an iPhone. He records audio 
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directly from the FM tuner built in to 
the N800, or listens live. (The FM 
radio is a feature sadly missing on the 
newer N810. Hope it comes back in 
future versions.) He also stores both 
video and audio at home on a... 


Excito Bubba media server, which 
runs on Debian with the 2.6 Linux 
kernel. At home, his N800 sees the 
Bubba’s Wi-Fi signal, from which 
Canola can discover files using the 
DAAP and UPnP protocols, then list 
and play them directly. He also has... 


. Two Nokia N770s, which are the 


predecessors to the N800. He liked 
them so much that he just had to 
have two. “Then, when (the N800) 
came out, | wanted the radio. The 
770s also run Canola and play every- 
thing from the Bubba.” Mark says, 
“The 770 has a Samba server as well, 
which also increases possibilities. ” 
Thanks to these lightweight items, 
he stopped hauling around a laptop, 
and instead uses the N800 as his 


portable computer, thanks to a... 


7. Bluetooth keyboard. At home, he 
also has... 


8. Another Linux PC—"an ASUS thing 
from the EfficientPC guys”, with dual 
flat-screen monitors. Back on the road, 
he also can get on the Net by blue- 
toothing from his handhelds over a... 


9. Motorola A780, which is coinciden- 
tally Linux-based as well and uses 
2.5G “edge” technology. He has 
also ordered an... 


10. ASUS Eee PC for his son. “He's a Mac 
guy”, Mark said, but “he saw this 
and really, really wanted one”. Mark 
is “desperate to get one” as well. 


Mark’s enthusiasm was infectious, 
and | caught the bug. After | flew back 
home to the US the next morning, | 
immediately started to ramp up my own 
version of Mark's portfolio of cool tools. 

—DOC SEARLS 
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Authenticating to a 
Rails Application 


Do you wish that Rails came with more built-in functionality? Plugins 
bridge this gap, offering solutions to many common problems. 


Last month, we began to look at OpenID, the 
open standard for distributed identification on the 
Internet. OpenID allows you to have a single user 
profile, authenticated against a provider you trust, 
and to use that profile with many different Web 
sites and Internet applications. OpenID has been 
growing in popularity during the past few years, 
after it was first developed and used by blogging 
company LiveJournal. Since then, it has become a 
more popular and open standard, and is now 
supported by many Web sites, as well as all popular 
programming languages. 

| was hoping to use this month's column to 
show how easy it is to make a Web application 
compliant with OpenID—or in OpenID terminology, 
to make it into an OpenID consumer. It turns out 
that adding OpenID capabilities isn’t actually that 
complicated or difficult, particularly with a popular 
framework like Ruby on Rails, for which there are 
many established plugins. 

However, | also found that the OpenlD plugin 
for Rails works especially well with a plugin called 
acts_as_authenticated. This plugin provides a 
simple, secure and highly customizable authenti- 
cation system for Rails applications. So this 
month, we are taking a slight detour, looking at 
how we can use acts_as_authenticated in Rails 
applications. Along the way, we can see how to 
download and use Rails plugins, an important 
part of Web development with Rails. Next month, 
we'll build on what we have created, adding 
OpenID to our application for a truly flexible set 
of login options for our users. 


Rails Plugins 
Although Rails provides a great deal of functionality 
for developers, it offers few application-level fea- 
tures. Rather, most of its functionality is in the form 
of objects and methods that programmers can use 
to create new applications. But, there are no built-in 
applications, or application fragments, or even a 
centralized database schema that developers can 
expect to find in every Rails installation. 

The Rails core developers have said that this is 
done on purpose, because every application has dif- 
ferent needs, and it would be impossible to please 
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everyone. And indeed, | understand their point. 
Each of my applications always has needed to keep 
a slightly different type of information about users, 
let alone other types of data. Any choice the devel- 
opers might make will be wrong for some people. 

| happen to think there is a middle ground here. 
Perhaps the Rails core doesn’t need to include a 
complete solution for users, groups and permis- 
sions. But, given the overwhelming number of 
applications that do define and use such objects, it 
would make sense to include an easily extensible 
skeleton within the framework itself. 

Such extensions are unlikely to appear in the 
near future, given the strong feelings the Rails 
core team has expressed about them in the past. 
However, all is not lost. Rails includes a “plugin” 
system that makes it possible to download collec- 
tions of code—including models, views, controllers 
and more—and to install them into an application. 
If you can find and install an appropriate plugin, 
you get something of a compromise solution. Once 
installed, the code acts as if it were an integral 
part of your application. And, of course, you can 
add only those plugins that are important to your 
particular application. 

Because so many applications require users to 
register and authenticate, it should come as no 
surprise that there are a number of available plugins. 
One of the most popular is acts_as_authenticated, 
a plugin written by Rails core team member Rick 
Olson. The name does not refer to an actual decla- 
ration, but is rather a playful way of saying that it 
was designed to work with Rails. And, although the 
README file (displayed when you install the plugin) 
indicates that it has been deprecated (in favor of 
restful_authentication), acts_as_authenticated is 
popular and stable enough, and plays well enough 
with OpenID, that it is worth a look. 

Rails plugins are installed with the built-in plugin 
tool, located in script/plugin. You can list the plugins 
that are available: 


script/plugin list 


But, this will list only those plugins located at 
one of the sources known to the system. To see a 


list of these sources, simply type: 
script/plugin sources 

To add a new source to the list, simply say: 
script/plugin source http://svn. techno-weenie.net/projects/plugins/ 


Sure enough, after doing this, running 
script/plugin sources shows the new URL. 
And, of course, now typing script/plugin list 
shows many new plugins, from both the old 
source and the new one. 


Installing acts_as_authenticated 

To install a new plugin—say, acts_as_authenticated— 
we must provide its URL to script/plugin. This is as 
easy as the following: 


script/plugin install 
http://svn, techno-weenie.net/projects/plugins/acts_as_authenticated 


Now, what happens when you install a plugin? 


Rails installs it into the vendor/plugins directory, 
under a new directory named after the plugin. 
Thus, my installation of acts_as_authenticated 
installed a number of files into vendor/plugins/ 
acts_as_authenticated. 

In and of itself, installing the plugin doesn’t 
change my Rails installation or add any new 
functionality. Rather, a plugin typically creates 
one or more generators, which are used to create 
or modify files used by the application. 

In the case of acts_as_authenticated, it comes 
with two different generators, which we can see 
by going into the generators subdirectory. Here, 
there are two generators, named authenticated 
and authenticated_mailer. If we go into the authen- 
ticated directory, we see authenticated_generator, 
which is what defines the generator. This allows 
us to go to the root directory of our Rails applica- 
tion and type: 


script/generate authenticated user account 


The above tells Rails that we want to use the 
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If you can find and install 
an appropriate plugin, 
you get something of 

a compromise solution. 


authenticated plugin, which it finds in the plugin 
directory. The other arguments to this command 
indicate the model (and table name) we will use 
(user in this case), and the controller that should be 
generated to handle accounts. 

The generator creates a migration file, defin- 
ing the columns of the Users table using Ruby 
for greater database independence. In order to 
create the columns of the database, we must run 
the migration: 


rake db:migration 


Using my PostgreSQL database client, | now can 
see that the migration did its job: 


atf_development=# \d users 


Table "public.users" 


Column | Type 
SeegoeeEoesiees Sere eee cbse ete ated ete arenas onan ee eter 
id integer 
login character varying(255) 
email character varying(255) 


crypted_password character varying (40) 


salt character varying (40) 


created_at timestamp without time zone 


updated_at timestamp without time zone 


remember_token character varying(255) 


remember_token_expires_at | timestamp without time zone 
Using the Plugin 
Now that | have incorporated acts_as_authenticated 
into my application, | should be able to do several 
simple things: 


1. Mark pages as open to the public. 


2. Mark pages as private—that is, open only to 
registered users. 


3. Allow people to register. 
4. Allow users to log in. 
5. Allow users to log out. 
All of this is not only possible with 


acts_as_authenticated, but it’s also quite easy. To make 
pages require authentication by default, we can say: 
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before_filter :login_required 


Of course, if we require that people log in before 
they use the login page, users will find themselves 
in an infinite loop. So, we can add an exception for 
that at the top of account_controller.rb: 


before_filter :login_required, :except => [:login, :signup 


Once this filter is in place, trying to visit any 
page other than login or :signup bounces us back 
to the login page. 

I'm going to register, by entering my login 
name, my e-mail address and my password 
(twice) into the registration form. Once | click on 
the submit button, the application inserts my data 
into the database. I’m in there, with ID #1, and 
my plain-text data as well as my encrypted data. 

Moreover, after registering with the site, | am 
now signed in as well. | can view any page | want, 
without having to log in again. My login will last 
until | go to the /account/logout URL. Unfortunately, 
the default index.rhtml page that comes with 
acts_as_authenticated does not make it clear 
when you have logged out. We can check that 
easily by adding a line to the top, showing the 
contents of non-blank notices: 


<p><%= flash[:notice] if not flash[:notice] .blank? %></p> 


We now have a basically working version of an 
authenticated Web server. People can register (and log 
in if they are already registered), and we can add both 
restricted and unrestricted pages via the controller and 
the before filter :login_required command. 


Modifying the Default Behavior 
acts_as_authenticated is good enough for many 
sites as it currently stands. However, there are a 
number of plugins, suggestions and modifications 
that you can use with acts_as_authenticated. 

For example, many registrations systems want to 
stop bots from automatically creating user names or 
e-mail addresses, which can be used to send spam. 
Thus, it’s common for the registration system to 
ask that users confirm their membership requests 
via e-mail. So, you enter your information at the 
site and receive a message that asks you to click 
on a link. Only after clicking on that link is your 
account actually activated. 

This functionality, although not an obvious part 
of the core acts_as_authenticated plugin, comes 
with it and is easy to use. Basically, we use the other 
generator that comes with acts_as_authenticated. 
This creates the templates and most of the logic that 
we need for people to confirm their login status. 

There are a wide variety of other things you 


can do with acts_as_authenticated. For example, 
you can set it so that passwords are encrypted, 
but in a way such that it would be reversible. 
Another common task is to let users change their 
personal information, such as e-mail addresses 
and telephone numbers. 


Conclusion 

This whole discussion of acts_as_authenticated 
began because | wanted to use OpenID in a Rails 
application. However, | also wanted to integrate 
OpenID with an existing authentication mechanism, 
which brought me to acts_as_authenticated. Now 
that we have a working, if bare-bones, authentica- 
tion system on our Web site, we can move on to 
the next step. 

Even if you are not using acts_as_authenticated 
in your Rails application, it's useful to see how 
plugins work, how you interact with them and 
how you can use them to build your Rails appli- 
cation out of parts that have been contributed 
by other programmers. 

Next month, we will look at how we can 


integrate OpenID into our login system—namely, 
allowing people to log in using either a user 
name/password combination or Open!D.m 


Reuven M. Lerner, a longtime Web/database developer and consultant, is a PhD 
candidate in learning sciences at Northwestern University, studying on-line 
learning communities. He recently returned (with his wife and three children) 
to their home in Modi’in, Israel, after four years in the Chicago area. 


Resources 


If you're still new to Rails, | strongly recommend The 
Rails Way by Obie Fernandez. | have found it to be 
both clear and comprehensive, and one chapter in 
the book is dedicated to acts_as_authenticated. 


There are a number of good resources about 
acts_as_authenticated on the Web. However, 
the most comprehensive is the author's Wiki, at 
technoweenie.stikipad.com/plugins/show/ 
Acts+as+Authenticated. 


Easy MPI Debugging 


PGDBG is an easy-to-use graphical parallel MPI, OpenMP and hybrid 
MPI+-OpenMP debugger for Linux and Windows clusters. PG! CDK 


compilers and tools are available directly from mast cluster sunnliers, 
Take a free test drive today at www.pgroup.com/reasons 


GI CDK Cluster Development Kit 


The Portland Group, Inc. is an STMicroelectronics company. CDK is a trademark or registered trademark of STMicroelectronics. PGI, Cluster Development Kit, and PGDBG are trademarks or registered trademarks of The Portland Group, Incorporated. 
Other brands and names are the property of their respective owners. 
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Note: 


If you have an 
artistic side, you 
may want to 
create additional 
playgrounds for 
your own kids or 
to share with 
others. Click Help 
on the KTuberling 
menu bar, and 
select KTuberling 
Handbook. In 
the Technical 
References sec- 
tion, there are 
instructions for 
creating a play- 
ground and pub- 
lishing the results 
in a theme. 


Learning...Disguised 


It has been said that playing is a child’s work, because play is the 
means by which young children learn. You have to wonder if that’s 
where the expression “mixing work and play” came from. 


If | seem dumbstruck, Francois, it’s because I’m 
desperately trying to decide what you possibly could 
be up to. Quoi? Of course, | know it’s you. You're 
wearing a cheesy plastic nose, mustache and pair 
of glasses. You're surprised? Of course, it’s not a 
good disguise, mon ami. Anyone who knows you, 
including everyone who regularly comes into this 
restaurant, would recognize you instantly. You could 
argue that it makes you look different, but | can't 
decide whether you look like Groucho Marx, a 
clown or Mr Potato Head. Oh, don’t be offended. 

| happen to be a big fan of both Groucho and Mr 
Potato Head. What about clowns, you ask? To be 
honest, I’ve never been sure about clowns. | sup- 
pose | should ask you for an explanation for all this, 
but we shall discuss it later. Our guests are arriving 
as we speak. 

Good evening, everyone, and welcome to Chez 
Marcel! Your tables are waiting, so please take your 
seats and make yourselves comfortable. Francois, 
please remove that silly disguise and head down 
to the wine cellar. Bring back the 2002 Catena 
Malbec from Argentina. You'll find two cases in 
the south wing next to the ancient Egyptian 
hieroglyphic tablet you ordered from Tablets 
Galore. Our guests, no doubt, will love this rich 
and intense Malbec. Vite! 

You'll have to forgive him, mes amis, he is an 
excellent waiter, but his mind occasionally works in 
very strange ways. Having accused him of looking 
like Mr Potato Head, I'm reminded of a great Linux 
game called Potato Guy, also known as KTuberling. 
KTuberling, written by Eric Bischoff and others, is 
part of KDE’s kdegames package, and as such, it is 
easily installed from your distribution’s repositories. 
This is a computerized version of the potato-head 
game where you plug various plastic eyes, ears, 
noses and hats in to a plastic potato to create a 
funny-looking potato person (Figure 1). The official 
Mr Potato Head is, of course, the famous store- 
bought version of this game, sold by Hasbro. | 
must confess, mes amis, that | am old enough to 
remember when the potato wasn’t included with 
the game. You used a real potato. But, | digress. 

The screenshot you see in Figure 1 is from the 
KDE 4 version of the game. As you add various 
pieces to the potato guy, a friendly voice speaks the 
names of those parts: “nose”, “eye”, “spectacles”. 


uou 
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New toad Seve Print undo 


Figure 1. KTuberling 


Your kids will have a ball dressing up the spud, 
rearranging things, trying on different body parts and 
accessories. If you are in the middle of a particularly 
great KTuberling masterpiece, you can save your 
work and return later. If you are happy with the 
results and want to share your creation, you have 
two other options. The first is to print the image by 
clicking Game on the menu bar, and then Print (or 
click the Print icon). Alternatively, click Game, and 
select Save As. From here, you can export the 
image. KTuberling saves in the Targa image format (.icb 
extension) by default, but you can generate a different 
format by specifying the extension. For example, to 
save in PNG format, save as picture_name.png. 
Spuds aren't your only choice, and there are, in 
fact, two different potato styles: the default leaner 
spud and a somewhat plumper, more classic tuber. 
Each tableau is referred to as a playground. Click 
Playground on the menu bar, and you'll find a 
moonscape to populate with spaceships, aliens and 
astronauts (Figure 2). Populate an ancient Egyptian 
scene, visit a snow-covered hill and decorate some 
Christmas trees, or start with a pizza crust and go 


" ® Potato Guy ae background completes the effect. Your job is to move 


Game Edit Playground Speech Settings Help a teeter-totter back and forth to catch a bouncing 
© £3 « TheMoon clown (which, in turn, sends your clown flying). The 
on sont Train valley bouncing clowns, in turn, pop the floating balloons. 


Christmas If it all sounds vaguely familiar, that’s because 
posed a Circus Linux is a clone of a really old Atari 2600 
tare -” game called Circus Atari, albeit with better graphics. 


The whole bit about popping balloons is further 
reminiscent of any of a hundred incarnations of the 
classic Breakout. Circus Linux is a one- or two-player 
game, which means you can challenge your little 
clown to a game. The sound effects and music can 
be turned off or on from the intro screen. Other 
options include bouncing balloons and floating 
obstacles on which your clowns can crash and fall 
to the ground. 

| actually don’t have anything that says 
“Groucho”, but you already may be noticing a 
theme here. These programs, although they can be 
fun for adults, are more for the younger Linux 
experts among us. The next item on today’s menu is 
called, appropriately, Childsplay, and calling it a game 
may not be appropriate, as it is actually a collection 
Figure 2. The moon's surface is just one of several play- of games. Childsplay is an engine that handles 
grounds available to decorate. plugins, and each game is a plugin. The games are 
geared for an age range of 2-7. As such, they are 
all fairly simple for the readers of this column but 
somewhat more challenging for young children. 

The plugin concept means that anyone can write 
games for Childsplay, but at the time of this writing, 
the package consists of 11 different games, a 
couple of which qualify as great nostalgia trips 
for the parents out there. For starters, there is a 
very simple game of Pong, slowed down enough 
to allow small players to move the paddles into 
position. You'll also find an educational version 
of the classic Pac-Man game. In this one, you 
help the yellow smiley character chase down the 
letters that make up words (Figure 4). 


Potato Guy 


"5 Chttdaplay, educational games for young chilies 


Figure 3. Catch the bouncing clowns, pop the balloons and 
win the day! Circus Linux is silly fun. 


wild with toppings. 

Given that | accused a certain waiter we all know 
of looking like a clown, it seems appropriate that | 
mention a great old game for the kids. 

Circus Linux, fromm New Breed Software, is a 
great, and very silly, little game that takes place 
inside the big top of a circus, and yes, the main 
characters are clowns (Figure 3). At the top of the , 
big top, colorful balloons float back and forth. A 
band plays, and a seal balances a ball on its nose. : 


A juggling bear riding a unicycle makes occasional Figure 4. Chomp the letters, eat your words, and move 
appearances, and bouncy circus music in the up a level. 
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A little side note before | continue—Childsplay 
runs in full-screen mode by default, which is proba- 
bly ideal for the little ones. You may, however, want 
to run it in windowed mode, assuming you need to 
keep an eye on logs or an IM chat while your child 
plays (childsplay --window). The game starts with 
a string of icons representing the various games 
(Figure 5). Click on any of the icons, and you are off 
to the races. 


"4 Ciaidsplay, educational games tor young children 


Figure 5. The main Childsplay screen lists the available 
games. Simply click an icon to play. 


Down along the bottom of the screen, there's a 
little stop sign that you can click at any time to get 
out of the current game and return to the top. 
There's also a scoreboard to keep track of how you 
are doing. Most games come with a few different 
levels. When you successfully complete the game, 
you are congratulated with a “Woo Hoo!” or an 
explosion proclaiming the game over. 

There's a classic memory game where you turn 


Childsplay is not complex, is certainly 
not fast-paced, and it requires no 
high-end graphics card to operate. 


over cards looking for two that are the same (Figure 
6). A second version of this game plays sounds 
rather than showing pictures. The player then needs 
to remember which button played what sounds and 
match them up. Another version of the game dis- 
plays a number of pictures, then plays a sound that 
your child must match to the picture. There are 
falling letters that must be typed before they hit 
the bottom of the screen, letters and numbers that 
must be clicked as they are spoken, and some 
simple animal pictures that make the appropriate 
sounds when clicked. Make sure you download the 
latest plugins to get an animal flash card set that 
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Figure 6. Childsplay contains two simple memory games. 


S OComprts 


Figure 7. GCompris’ start screen lets you select activities 
from different categories, such as reading, numbers or 
puzzles. 


plays a large number of animal sounds along with 
pictures and their position in the alphabet. For the 
budding pool shark, Childsplay also comes with a 
very simple pool game that starts out with a single 
ball, and then adds balls as the child becomes 
familiar with the concept. 

Childsplay is not complex, is certainly not fast- 
paced, and it requires no high-end graphics card 
to operate. It is aimed at a very young audience, a 
group that still appreciates wooden shape-matching 
puzzles and stacking blocks. It’s good, simple, 
educational fun for the younger set. 

Along the same vein, but somewhat more 
polished, GCompris is another collection of games 
for children, geared for ages 2-10. GCompris is 
pronounced like the French words, J’a/ compris, 
and it literally means, “I have understood”. When 
the game starts, a colorful screen with a left-hand 
sidebar lets kids (or their parents) choose from 
a category of activities. These include reading, 
strategy, math, amusements, puzzles, computer 


— GComprts -~ 


Figure 8. Young helicopter pilots are challenged to count as 
they fly into numbered clouds floating by. 


eee ees 


Figure 9. GCompris has a powerful, yet simple vector 
drawing program. 


skills, discovery activities and physical experimental 
activity (Figure 7). Clicking on any of these choices 
brings up a list of related games or activities. Some 
of these categories may have subcategories as 
well. Hover your mouse pointer over the icons, 
and a description of the current choice appears 
in the large blue bubble near the bottom of the 
main window. So, how many games and activities 
are there? GCompris comes with more than 100 
different activities, making it a must for your 
young penguinista. 

Reading activities include games to identify let- 
ters, match pictures to words, fill in missing letters 
and develop basic reading skills. Number games 
help players learn to count, identify numbers and 
do basic math. Those new to computers will find 
activities to develop keyboarding and mousing skills. 
There are lots of puzzles to work those brain cells, 
including several matching and memory games. 
Games? Yes, there are just plain-old games too. 


Kick a soccer ball into the goal, navigate a maze, 
go parachuting or pilot a submarine. In case you 
thought learning was anything but fun, check out 
the cool Numbers in Order game (Figure 8), which 
requires young pilots to fly into numbered clouds as 
they learn to count (the clouds do not necessarily 
appear in order). 

See? Learning is fun. 

GCompris also has some surprisingly capable 
little applications hidden beneath the surface, which 
sometimes mimic adult applications. For instance, 
there is a word processor, complete with built-in 
styles, ready to unleash your child's inner author. 

A built-in instant-messaging application means kids 
can chat with their friends (but they do have to be 
on the same network, so a classroom environment 
works well here). There's even a great little vector 
drawing application (Figure 9), just like Mommy 
and Daddy's, except more fun. 

This is the time, mes amis, where | must say, 
enough kidding around, closing time is here. Stay 
a little longer though, and the adults among you 
can enjoy another glass of wine before you head 
out. Francois will happily refill your glasses one 
more time before we say our final good-nights. 
While you sip that last glass, try another game or 
decorate another tuber, and remember that you're 
never too old to enjoy some simple, silly fun. 

Raise your glasses, mes amis, and let us all drink to 
one another's health. A votre santé! Bon appétit!m= 


Marcel Gagné is an award-winning writer living in Waterloo, Ontario. He is the 
author of the Moving to Linux series of books from Addison-Wesley. He also makes 
regular television appearances as Call for Help’s Linux guy and every month on 
radio's Computer America show. Marcel is also a pilot, a past Top-40 disc jockey, 
writes science fiction and fantasy, and folds a mean Origami T-Rex. He can be 
reached via e-mail at marcel@marcelgagne.com. You can discover lots of other 
things (including great Wine links) from his Web site at www.marcelgagne.com. 


Resources 


Childsplay: childsplay.sourceforge.net 


Circus Linux: www.newbreedsoftware.com/ 
circus-linux 


GCompris: www.gcompris.net 


KTuberling: games.kde.org/ 
game.php?game=ktuberling 


Marcel’s Web Site: www.marcelgagne.com 


The WFTL-LUG, Marcel’s Online Linux User Group: 
www.wftl-lug.org 
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DAVE TAYLOR 


Resizing Images, Sort Of 


What are shell script programmers to do when they finds themselves 
constantly scaling image dimensions for their blogs? Write a script to 


automate the process, of course! 


This might be a peculiarity of how | work with the 
Web, taking screenshots and then wanting to scale 
them to fit my page (especially when they're full-screen 
images), but | find that | spend a lot of time calculating 
how to reduce and scale images down evenly. 

For example, | might take a full-size screen capture 
of the window within which I'm writing this particular 
column just to find that it's 722 x 719 pixels across and 
down, respectively. But if | were to include it on my 
Weblog, | would want to reduce it down to no more 
than 600 pixels so that it doesn’t break my site layout. 

| actually could reduce the image within the 
screen capture application or use a secondary 
graphical app, but it turns out that Web browsers 
can scale images up or down based on explicit 


Instead, what I'd really like is a utility 
that can figure out the current height 


and width of an image and then 


automatically scale it to the new value 
| desire based on a scaling factor. 


“height” and “width” attributes. For example, let's 
say that the doc window is called edit.png. Then, 
| could include the image on a Web page with: 


<img src="edit.png" alt="editing a file" /> 


and it would work fine. To scale, it’s easy, simply 
add those height and width parameters. To make it 
match the image itself, I'd use: 


<img src="edit.png" alt="editing" height="719" width="722" /> 


However, as | said, it turns out that you actually 
can calculate different values, and the browser will 
scale it to match. To reduce the image 50%, for 
example, | would tweak it to read: 


<img src="edit.png" alt="editing" height="359" width="361" /> 
So that’s what | do on my site, and frankly, 
it’s a pain. 


Instead, what I'd really like is a utility that can 
figure out the current height and width of an image 
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and then automatically scale it to the new value | 
desire based on a scaling factor. That’s what we'll 
dig into for this column. 


Calculating Image Size 
There are some terrific image manipulation packages 
available in Linux, most notably ImageMagick, but 
we don’t need anything that fancy because the 
pedestrian, old, undersung file command can do 
the job for us. I’m going to be looking at only PNG 
(progressive network graphic) files, as those are very 
much the best for most Web uses, but it’s worth 
noting that many Linux file commands have a harder 
time calculating image dimensions for JPEG images. 
Here's an example: 


$ file edit.png 
edit.png: PNG image data, 722 x 719, 8-bit/color RGB, non-interlaced 


That's quite a bit of information actually, includ- 
ing the key elements—the dimensions of the image 
file itself. In this case, it's width x height, so 722 is 
the width, in pixels, and 719 is the height. These 
can be extracted from the output in a variety of 
ways, but the easiest is to use cut: 


width="$(file $filename | cut -f5 -d\ )" 
height="$(file $filename | cut -f7 -d\ )" 


If you try this, however, you'll find that the height 
is wrong. It has a trailing comma because cut is using 
spaces as the delimiter (which is what the weird-look- 
ing -d\ _ is specifying. The backslash escapes the 
shell interpreting the space as an arg delimiter. When 
you type this in, you'll want a space after the back- 
slash and before the closing parenthesis for just that 
reason. It's fixable though, by using sed: 


sed 's/,//' 


Now that we have numeric values, how do we 
scale them automatically? | like using the bc binary 
calculator, even though its interface is so crufty. 
Multiplying 722 by 0.50 (which is, of course, 50%), 
is done like this: 


echo 722 * 0.50 | bc 


except that the \* will be expanded. So, in fact, some judicious 
use of quotes addresses the problem neatly: 


width="$(echo "$width * $multiplier" | bc)" 


That's certainly more shell-scripty, and it works fine, except | 
found that with some implementations of bc, even adding 
scale=0, which theoretically should remove the trailing fractional 
element that results from the multiplication, didn’t give us an inte- 
ger return value. Again, a simple fix gives us the final script line: 


width="$(echo "$width * $multiplier" | bc | cut -d. -f1)" 


The same thing gives us the newly calculated “height”, 
and if the user specifies a multiplier that’s less than one, it 
scales down. If you specify a greater value, you just as easily 
can scale up. 


Making It Work as a Script 
Here's the basic script at this point: 


filename="edit.png" 
multiplier="0.75" 


width="$(file $filename | cut -f5 -d\ )" 
height="$(file $filename | cut -f7 -d\ | sed 's/,//')" 


width="$(echo "$width * $multiplier" | bc | cut -d. -f1)" 
height="$(echo "$height * $multiplier" | bc | cut -d. -f1)" 


echo "$filename scaled: width=$width height=$height" 
Testing it with the filename specified produces the following: 


$ sh scale-image.sh 
edit.png scaled: width=541 height=539 


That's not really exactly what | want, however. First, | want to 
be able to specify the filename and multiplier on the command 
line. Second, the output needs a slight tweak to be more use- 
ful—the values need to be surrounded by quotation marks. 

Here's what I'd like to see: 


$ sh scale-image.sh 0.75 edit.png 
edit.png: width="541" height="539" 
$ 


That's not too hard to accomplish given the basic script we 
already have. See if you can do it yourself. 

Tip: | actually use a “for name; do; done” loop to step through 
the file scaling, so | can specify a group of images and calculate 
them all en masse. Try it, coupled with the shift command, to 
remove the multiplier value once it’s saved into a named variable.= 


Dave Taylor is a 26-year veteran of UNIX, creator of The Elm Mail System, and most recently 
author of both the best-selling Wicked Cool Shell Scripts and Teach Yourself Unix in 24 Hours, 
among his 16 technical books. His main Web site is at www.intuitive.com, and he also offers up 
tech support at AskDaveTaylor.com. Follow him on Twitter if you'd like: twitter.com/DaveTaylor. 
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MICK BAUER 


Customizing Linux Live 


CDs, Part Il 


Use encrypted folders with your custom live CD. 


Last month, | described a simple procedure for 
customizing the standard Ubuntu Desktop 7.10 live 
CD. We got as far as uninstalling software packages 
to make room for other things, installing some of 
those other things and updating all packages on the 
live CD image. 

This month, | go a step further by creating a 
TrueCrypt-encrypted Documents directory that you can 
mount from a USB drive, in conjunction with your live 
CD. Although that’s handy in and of itself, you'll be 
able to use the same method, with only minor modifi- 
cations, to encrypt other important directories as well. 

As with last month's article, here | use Ubuntu 
both as the master system to customize and repack- 
age our live CD and for the source of the live CD ISO 
image we'll customize. It’s a popular and surprisingly 
compact mainstream distribution. So, also like last 
month's column, much of what follows will apply 
directly to other squashfs-based distributions, such 
as Linux Mint, SLAX and BackTrack (not to mention 
Ubuntu variants, such as Kubuntu and Edubuntu), 
and indirectly to most other live CD distributions. 

I'm going to avoid the temptation to make this 
article a ground-up tutorial on volume encryption in 
general or TrueCrypt specifically. Either topic would 
make a substantial article all by itself. Maybe I'll 
tackle those at a later date, unless | can persuade 
the Paranoid Penguin's Minister of Cryptographic 
Outreach, Tony Stieber, to tackle them for me. (You 
may remember Tony's articles “GnuPG Hacks” and 
“OpenSSL Hacks” in the March 2006 and July 2006 
issues of Linux Journal, respectively). But, | will show 
you how to install TrueCrypt on Ubuntu systems, 
and how to create and mount TrueCrypt volumes. 


Installing TrueCrypt 
Although | just disclaimed the intention of making 
this a TrueCrypt primer, a little introduction is in order. 
TrueCrypt is a free, open-source, cross-platform 
volume-encryption utility. It’s also highly portable. 
The TrueCrypt binary itself is self-contained, and any 
TrueCrypt volume can be mounted on any Windows 
or Linux system on which the TrueCrypt binary will 
run or compile. TrueCrypt can be run either from a 
command line or in the X Window System. 
TrueCrypt is becoming quite popular and is held in 
high regard by crypto experts | know (it appears to be 
a sound implementation of known, good algorithms 
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like AES and Twofish), but its license is a bit complicat- 
ed. For this reason, TrueCrypt hasn't yet been adopted 
into Debian or Ubuntu officially, even though Ubuntu 
8.10's universe packages easycrypt and gdecrypt 
depend on it (see the Ubuntu 7.10 vs. 8.4 sidebar). 
So, to install TrueCrypt on an Ubuntu 
system, you need to download it directly from 
www.truecrypt.org/downloads.php. When | 
was writing this article, TrueCrypt version 5.1 was 
current, and the Ubuntu deb file | downloaded 
was called truecrypt-5.1-ubuntu-x86.tar.gz, though 
by the time you read this, it may be something else. 
Besides an Ubuntu deb package, TrueCrypt also is 
available as a SUSE RPM file (that also might work 
on other RPM-based distros) and as source code. 
Now, it’s time to install TrueCrypt. You're going 
to need to install TrueCrypt in at least two places: 
on the master system you're using to create your 
custom live CD and either on the live CD image itself 
or on whatever removable media (such as a USB 
drive) you're going to keep your encrypted volume. 
First, let's install TrueCrypt on the master system. 
Open a command shell, unpack the TrueCrypt archive 
in your home directory, and change your working 
directory to the directory that gets unpacked: 


bash-$ tar -xzvf ./truecrypt-5.1-ubuntu-x86. tar.gz 
bash-$ cd truecrypt-5.1 

Next, use the dpkg command to install the deb file: 
bash-$ sudo dpkg -i ./truecrypt_5.1-0_1386.deb 


With TrueCrypt 5.1, only three files are installed 
on your system: its license and user guide, both in 
/usr/share/truecrupt/doc/, and the binary itself, 
/usr/bin/truecrypt. TrueCrypt doesn’t require any 
special kernel modules; it’s a monolothic process. 
This means that if you copy /usr/bin/truecrypt to 
the same Flash drive on which you keep your 
encrypted volume, you won't need to install it on 
your Ubuntu live CD. 

You may prefer doing so anyhow. Here's how: 


1. Follow steps 00-12 in the procedure | described 
last month for mounting your custom ISO and 
chrooting into it (see Appendix). 


Ubuntu 7.10 vs. 8.4 


| based the customized live CD in this article's examples on Ubuntu 7.10, 


2. From a different, non-chrooted shell, copy the aka Gutsy Gibbon. When | wrote the article, 7.10 was current, but due 
TrueCrypt deb package truecrypt_5.1-0_i386.deb to Linux Journal's printing schedule, by the time you read this, Ubuntu 
into the ISO root you just chrooted into 8.4 (Hardy Heron) should be available. However, most, if not all, of the 
(isonew/custon/ in last month's examples). example commands herein should work fine with Ubuntu 8.4. 

3. Back in your chrooted shell, run dpkg -i Note that Ubuntu 8.4 includes the packages easycrypt and gdecrypt, 
./truecrypt_5.1-0 _1386.deb (no sudo two graphical front ends for TrueCrypt, but no packages for TrueCrypt 
necessary here, as you're already root). itself, on which both easycrypt and gdecrypt depend (though the 

latter, even without TrueCrypt, can create non-TrueCrypt-compatible 

4. Finally, follow steps 19-33 from last month's encrypted volumes). So the instructions | give here on downloading 
procedure to clean up, unmount and repackage and installing TrueCrypt itself still are applicable to Ubuntu 8.4. 


your custom live CD image. And, of course, use 
your CD-burning application of choice to burn 


your image into a shiny new live CD subtleties of those usage scenarios (see Resources for 
some pointers on home directory encryption). 
Creating an Encrypted Volume TrueCrypt can be run either in text mode, via 
Now, you can create an encrypted volume. For our the truecrypt -t command (followed by various 
purposes here, it will be a simple “file vault” to options) or in graphical mode. For now, let's stick 
mount as a subdirectory of your home directory. But, to graphical mode. To start it, simply type the 


it just as easily could be an entire home directory that following from within a terminal window: 
you mount over the one your live CD uses. Come to 

think of it, you also could do that with /etc. For now, bash-$ truecrypt & 

however, I'll leave it to you to explore the technical 
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Figure 1. TrueCrypt 
5.1 GUI for Linux 


Sze Mount Directory Type 


Greate volume 
Volume 


And, you should see what's shown in Figure 1. 

Click Create Volume to start the TrueCrypt 
Volume Creation Wizard. We'll create a standard 
TrueCrypt volume, not a hidden one (you can hide 
one TrueCrypt volume inside the “empty” space of 
another, as all unused space in a TrueCrypt volume 
is filled with random characters). So, click Next. 

In the wizard’s next screen, you can specify the 
path and name of the file in which your encrypted 
volume will be stored or the name of an entire disk 
partition to encrypt. Here, we're creating a file-hosted 
volume, and in our example scenario, this file will 
be /home/ubuntu/realhomez (no file extension is 
necessary). After typing that path, click Next. 

In the wizard’s third screen, we must specify 
the volume'’s size. In this example, I’m creating a 
500MB volume. 

After clicking Next, you can choose an Encryption 
Algorithm and a Hash Algorithm. The defaults, AES 
and RIPEMD-160, respectively, are good choices. 
You also can click the Test button to make sure 
TrueCrypt's built-in cryptographic functions work 
properly on your system. 

The next step is to set a volume password. 
Choose a strong one! You also can specify and 
create keyfiles—files that TrueCrypt will look for every 
time you mount this volume. If any keyfile is missing, 
or if its contents have changed in any way since you 
created the volume, TrueCrypt won't mount the 
volume. Properly used, keyfiles can provide another 
level of authentication to your encrypted volume. 
But, we aren't going to use any in this example. 
Enter a password (twice) and click Next. 

Important note: TrueCrypt has no back doors 
of any kind. For this reason, if you forget your 
volume’s password, or if any of its keyfiles are lost 
or corrupted, you will not be able to recover the 
contents of your encrypted volume. By all means, 
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choose a difficult-to-guess volume password, but 
make sure you won't forget or lose it yourself! 

Now we come to the Format Options screen, 
which asks a subtle question: which filesystem? The 
choices here are FAT, which is actually the Windows 
95 vfat filesystem (MS-DOS FAT16 with long file- 
names), and None. If you select FAT, TrueCrypt will 
format your new encrypted volume for you. However, 
vfat isn't a journaling filesystem; it isn’t very resilient 
to file corruption and other filesystem errors. 

Worse, strange things can happen if you store 
certain kinds of Linux system files on a vfat partition, 
because vfat can’t store certain Linux file attributes. 
The only reason to choose vfat is if you intend to use 
the volume with both Linux and Windows systems. If 
you're going to use it only on Linux, especially if you're 
going to use it as a home directory (or /etc), you 
should choose None, and formate the virtual partition 
yourself, which I'll show you how to do in a minute. 

For now, click Next to proceed to the Volume 
Format screen. This is your chance to generate some 
entropy (randomness) with which TrueCrypt can 
initialize its crypto engine, pursuant to encrypting 
your volume. To do so, move your mouse randomly 
within the window a while, and then click Format. 

That's it! You've created /home/ubuntu/realhome2 
and now are ready to format it. Click Exit to close 
the Volume Creation Wizard. 


Formatting the Volume 

My personal favorite native-Linux journaling filesystem 
is ext3, so that's what we use here. Before we format 
our new volume though, we need to have TrueCrypt 
map it to a virtual device. This isn’t really mounting per 
se, but that’s the TrueCrypt function we need to use. 

Back in the TrueCrypt GUI (Figure 1), type the full 
path of our new volume (/home/ubuntu/realhome2) 
in the text box next to the key icon (or navigate 
to it using the Select File... dialog), and click Mount. 
In the box that pops up, enter your volume’s pass- 
word, and then click Options >. Here’s where things 
get a little strange. Click the box next to Do not 
mount (Figure 2). Now you can click OK. 

Why, you may wonder, are you telling TrueCrypt 
“do not mount” in the middle of the Mount dialog? 
Because, of course, you can’t mount an unformatted 
partition. But, TrueCrypt can map it to a virtual device, 
and this is, in fact, what TrueCrypt has just done. 

Back in the TrueCrypt main screen, your volume 
file now should be listed in Slot 1. To find the virtual 
device to which it’s been mapped, click Volume 
Properties. As shown in Figure 3, realhome3 has 
been mapped to /dev/loop0. 

Now, we can format the new encrypted volume. 
In your terminal window, type: 


05-$ sudo mkfs.ext3 /dev/loop® 


Ene Ar pAsew ord for’ yho me Jubunt li/rea fname" Fe 


Password: @@@eeeooooee 


Cache passwords and keyfiles in memory x) cancel 


Display password 
Use keyfiles Keyfiles... Options < 


Mount volume as read-only 


Hidden Volume Protection 
Protect hidden volume when mounting outer volume 


Filesystem 


¥ Do not mount 


Figure 2. Not Mounting Our Unformatted Volume 


Volume Properties 
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Figure 3. Volume Properties 


Volume Ownership 

Voila! You now have a mountable, usable encrypted virtual 
volume! If you want to test it or begin populating it with con- 
fidential data you intend to use with your live CD, you can 
mount it “for real” by going back to the TrueCrypt GUI, click- 
ing Dismount, and then clicking Mount (the same button; it's 
context-sensitive). (This time, do not select the Do not mount 
button.) If you don’t specify a mountpoint, TrueCrypt automat- 
ically creates one called /media/truecrypt1. 

Note that if you mount different TrueCrypt volumes in suc- 
cession, the mountpoints will be named /media/truecrypt1, 
/media/truecrypt2 and so on, where the trailing digit corre- 
sponds to the Slot number TrueCrypt uses in creating virtual 
device mappings (Figure 1). Note also that when mounting a 
TrueCrypt volume from the GUI, you may need to click on an 
empty slot number before clicking the Mount number, if one 
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TrueCrypt 5.x Idiosyncracies 


With version 5.0, TrueCrypt added a GUI to the Linux version that is 
very similar to that of the Windows version (in prior versions, 
TrueCrypt for Linux was command-line-only). But, TrueCrypt versions 
5.0 and 5.0a for Linux both had serious limitations and bugs, includ- 
ing the omission of the -c option that allows you to create TrueCrypt 
volumes from a command line and of the TrueCrypt man page. 


Toward the end of the day that | submitted this article for publica- 
tion, TrueCrypt 5.1 was released, and the -c option has been 
restored in this version. Other bugs in 5.0/a may or may not be 
fixed (some users have complained of performance problems and 
even TrueCrypt-induced system crashes with the Linux version). 
Although | have changed the filenames in this article’s examples to 
reflect the new version, | didn’t have time to test version 5.1 myself, 
so | can’t tell you how significant an improvement it is. 


So, be forewarned. On the one hand, there doesn't appear to be 
any serious security issues with TrueCrypt 5 for Linux. Obviously, as 
I've devoted most of this article to it, | think it’s useful and trustwor- 
thy enough for the purposes described herein. 


But, TrueCrypt historically has been a very Windows-oriented project, 
and this still appears to be the case. So, as with anything, be sure to 
test TrueCrypt thoroughly before depending on it in any kind of pro- 
duction or mission-critical context. One alternative to consider is 
TrueCrypt version 4.3, a known, stable release that's still available (at 
the time of this writing) on the www.truecrypt.org Web site. But, 
it's seldom a good idea to trust obsolete software for too long. 


isn't selected already. 

By default, TrueCrypt mounts your ext3-formatted 
TrueCrypt volume with root ownership. Depending 
on how you plan to use it, that may be appropriate. 
But, as a matter of principle, you don’t want to use 
root privileges for ordinary tasks like word processing. 
If you're going to use this volume as your Documents 
directory, it's going to need to be usable by some 
unprivileged user. 

The custom live CD image we created last 


Resources 


The TrueCrypt Home Page: www.truecrypt.org 


Tombuntu’s “Disk Encryption with TrueCrypt 5 on Ubuntu” HOWTO: tombuntu.com/ 
index.php/2008/02/07/disk-encryption-with-truecrypt-5-on-ubuntu 


Some hints on automatically mounting a TrueCrypt 5.0 volume as your home directory 
on Ubuntu systems: ubuntuforums.org/showthread.php?t=645247 


Mark Longair’s enlightening “HAL and Device Management”, a concise and helpful 


introduction on how GNOME automounts devices: www.mythic-beasts.com/ 
~mark/random/hal 
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Enter password tor "/media/GIGGER/realhome?™ [x] 


r 


Password: @@9SSe8eeeee) ax 


Cache passwords and keyfiles in memory Q cancel 


Display password 
Use keyfiles Keyfiles... Options < 


Mount volume as read-only 


Hidden Volume Protection 
Protect hidden volume when mounting outer volume 


what is hidden volume protection? 


Filesystem 
Do not mount 


Mount at directory: /home/ubuntu/Documents 


Mount options: 


Figure 4. Mounting Your Volume on /home/ubuntu/Documents 


month has only the default Ubuntu accounts on it. 
For now, let's stick with those—that way, you'll be 
able to use this encrypted volume with any Ubuntu 
7.10 live CD, not just your custom image. Here's 
how to make your volume usable by the default live 
CD user account ubuntu. 

First, create, map, format and mount your 
volume as described above. I'll assume that 
TrueCrypt mounted it to /media/truecrypt1. 

Open or switch to a terminal window. If you do 
an ts -1 of /media, the listing for your volume 
should look like this: 


drwxr-xr-x 3 root root 1024 2008-03-09 23:21 truecryptl 


As you can see, only root can use this directory. 
Because we want it to be usable by our live CD's 
ubuntu account, and because that account’s 
user ID (UID) and group ID (GID) are 999 and 
999, respectively, we issue this command: 


05-$ sudo chown -R 999:999 /media/truecryptl 


This performs a bit of magic. The user/group 
ownerships you just specified are now embedded in 
your TrueCrypt volume’s filesystem. From this point 
on, wherever you mount this volume, regardless of 
the mountpoint’s ownership and permissions when 
it isn’t in use, your volume will be mounted with 
UID and GID both set to 999. 

If you subsequently mount the TrueCrypt volume 
on a system on which some user or group other 
than ubuntu has a numeric ID of 999 (per its local 
/etc/passwd and /etc/group files), then that user or 
group will own the mounted volume, even if that sys- 
tem has an account or group named ubuntu. And, if 
on that system the UID 999 doesn’t correspond to any 


Appendix 


Here’s the complete procedure | described last month for adding and removing packages in a custom Ubuntu live CD, in the form of a 
raw list of all commands described in this article. The $ prompts indicate commands executed as an unprivileged user; the # prompt 
shows commands that are executed by root: 


00-$ dd if=/dev/cdrom of=./ubuntu-7.10-desktop-i386.iso 17-# apt-get dist-upgrade 
01-$ mkdir -p ./isomount ./isonew/squashfs ./isonew/cd 18-# apt-get clean 
=». /isonew/custom 
19-# rm -rf /tmp/* 
02-$ sudo mount -o loop ./ubuntu-7.10-desktop-i386.iso ./isomount/ 
20-# umount /proc/ 


03-$ rsync --exclude=/casper/filesystem.squashfs -a ./isomount/ 


=». /isonew/cd 21-# umount /sys/ 
04-$ sudo modprobe squashfs 22-# exit 
05-$ sudo mount -t squashfs -o loop 23-$ chmod +w ./isonew/cd/casper/filesystem.manifest 


=» ./isomount/casper/filesystem.squashfs ./isonew/squashfs/ 

24-$ sudo chroot ./isonew/custom dpkg-query -W --showformat='${Package} 
06-$ sudo rsync -a ./isonew/squashfs/ ./isonew/custom »${Version}\n' > ./isonew/cd/casper/filesystem.manifest 
07-$ sudo cp /etc/resolv.conf /etc/hosts ./isonew/custom/etc/ 25-$ sudo cp ./isonew/cd/casper/filesystem.manifest 
>. /isonew/cd/casper/filesystem.manifest-desktop 


08- 


- 


sudo cp /etc/apt/sources.list ./isonew/custom/etc/apt/ 
26-§ sudo mksquashfs ./isonew/custom 
09- 


re 


sudo chroot ./isonew/custom > ./isonew/cd/casper/filesystem.squashfs 


10-# mount -t proc none /proc/ 27-$ sudo rm ./isonew/cd/md5sum. txt 


11-# mount -t sysfs none /sys/ 28-§ sudo -s 
12-# export HOME=/root 29-# cd ./isonew/cd 
13-# apt-get remove --purge ‘dpkg-query -W --showformat='${Package}\n' 30-# find . -type f -printO | xargs -@ mdSsum > mdSsum. txt 
|grep openoffice” 
31-# exit 
14-# apt-get remove --purge ‘dpkg-query -W --showformat='${Package}\n' 
|grep gimp 32-§ cd ./isonew/cd 


15-# apt-get update 33-$ sudo mkisofs -r -V "Ubuntu-Live-PrivateSurf" -b 
isolinux/isolinux.bin -c isolinux/boot.cat -cache-inodes -J -1 
16-# apt-get install tor privoxy ‘-no-emul-boot -boot-load-size 4 -boot-info-table -o 


»~/Ubuntu-Live-7.10-PrivateSurf.iso . 


Documents (Figure 4). 

If TrueCrypt prompts you for an administrative 
password, leave it blank and click OK. By default, the 
ubuntu account on Ubuntu CDs has no password. 

This brings me to the topic of next month's 
column: further securing and customizing your 
encrypted-Documents-enabled live CD image. Until 
then, be safe!m 


user, you'll need to be root in order to use the mounted 
volume. (But, in that case, you'll be no worse off than 
if you had skipped the chown exercise!) 


Using the TrueCrypt Volume with 
Your Live CD 

And now, the moment of truth. To use your 
encrypted TrueCrypt volume with an Ubuntu live 
CD, such as the one we modified last month, 
simply boot a system off that CD; insert the USB 


Mick Bauer (darth.elmo@wiremonkeys.org) is Network Security Architect for one 


drive; execute the truecrypt binary from the USB 
drive or from the CD, if you installed TrueCrypt 
on your custom image; and mount your encrypted 
volume, specifying a mountpoint of /home/ubuntu/ 


of the US's largest banks. He is the author of the O'Reilly book Linux Server 
Security, 2nd edition (formerly called Building Secure Servers With Linux, an 
occasional presenter at information security conferences and composer of the 
“Network Engineering Polka’. 
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KYLE RANKIN 


Lightning Hacks 


Instead of one large hack, this month, | cover a few of my favorite 
smaller hacks to manage windows, switch my display to a projector 
and perform binary diffs on large files. 


One of the more interesting parts of any 
conference is the lightning talks. If you haven't 
experienced one, a lightning talk typically fea- 
tures a number of different speakers, each giving 
a short (5-20 minutes) presentation. Lightning 
talks take advantage of the fact that often a 
speaker has an interesting topic to present, but 
the topic won't fill an entire hour time slot. So, 
lightning talks round up each of these speakers 
one after the other in the same time slot. 
Because of the variety of information and the 
fast nature of lightning talks, they can be really 
informative, interesting and definitely fun. 

As | was considering what topic to cover for this 
month’s column, | realized | had a number of differ- 
ent hacks I'd like to mention, but none that could 
really fill a full column. In the spirit of lightning 
talks, | decided to put all of these hacks together in 
true rapid-fire fashion. 


Move Windows to Their Default Location 
In the March 2008 issue of Linux Journal, | intro- 
duced the wmctrl tool and discussed how to use it 
to move, resize, shade and do all sorts of window 
management tasks from the command line. | 


This script goes from desktop to 
desktop (or because | use Compiz, 
viewport to viewport) and moves and 
resizes windows per my specifications. 


also introduced a few scripts | had written and 
bound to keys to resize and shade a few differ- 
ent windows on my desktop. Near the end of 
that article, | mentioned: 


My next project is to create a “reset” 
script that moves all the windows on all of 
my desktops to precise locations and sizes, 
in case they all get moved around and 
resized. Sure, | could do all this by hand, 
but then I’d miss this great opportunity 
for automation. 
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Well, shortly after | wrote that, | completed 
my reset script. This script goes from desktop to 
desktop (or because | use Compiz, viewport to 
viewport) and moves and resizes windows per my 
specifications. I’ve added comments to explain 
particular sections: 


#!/bin/sh 


# First save my current viewport so I can return 
# to it after I'm done 
SAVED_VP="wmctrl -d | perl -ne '/VP: (\d+,\d+)/; print $1;'° 


# Then, move to the first viewport (at 0,0). Because it 
# can take a second or two for this to take effect, 

# I've opted to create a while loop that will 

# continue to attempt to switch to that viewport 


# until it detects it is actually there. 


VP=0,0 

while [ ‘wmctrl -d | perl -ne '/VP: (\d+,\d+)/ 
sprint $1;'° != $VP ]; 

do 


wmctrl -o $VP 


done 


# Now resize, move, and change state of particular 
# windows (see the wmctrl man page, or my wmctrl 

# column for more information on the options). 
wmctrl -r 'Eterm Main 1' -e '0,0,0,645,420' 

wmctrl -r ‘Irssi Term' -e '0,469,0,810,500' 

wmctrl -r 'Irssi Term' -b add,shaded 

wmctrl -r 'Irssi Term' -b add,below 

wmctrl -r 'gkrellm' -b add,sticky 

wmctrl -r "Irssi Notify Term" -e '0,1180,550, 100,230 


# I now switch to the second viewport. As my screen 
# is 1280x768, the second viewport is at 1280,0. 
# If I wasn't sure, I could switch to that viewport 
# and check the output of wmctrl -d for the proper coordinates 
VP=1280,0 
while [ ‘wmctrl -d | perl -ne '/VP: (\d+,\d+)/; 

sprint $1;'° != $vP J; 
do 

wmctrl -o $VP 


done 


wmctrl -r "Mozilla Firefox" -e '0,5,0,1040,708 


# Finally I switch back to my original viewport 
# so I'm back where I started. 
wmctrl -o $SAVED_VP 


Although there are certainly a lot of commands 
in that script, it actually didn't take long to write. 
Most of the script is simply one wmctrl command 
after another, and | spent a majority of the time 
actually fine-tuning the locations of each window 
and figuring out the best way to switch viewports. 
If your desktop environment uses multiple desktops 
instead of one desktop with multiple viewports, you 
would use the -s option to change desktops instead 
of the -o option, which is used for viewports. You 
also would need to change the logic in the while 
loop to something more like: 


DESKTOP=1 

while [ “wmctrl -d | perl -ne '/%(\d+).*?\*/; 
print $1;'° != $DESKTOP ]; 

do 


wmctrl -s $DESKTOP 
done 


Toggle My Display for Presentations 
Although | normally use my laptop with its own 
built-in screen, | frequently give presentations, so | 
need to display on both the LCD and the external 
VGA connector. Unfortunately, my laptop's function 
keys to toggle between those states don’t currently 
work in Linux, so I’ve had to put it into a script 
paired with a keybinding. 

The xrandr program works great with my lap- 
top to toggle between displays, so my script first 
examines the output of xrandr to see whether the 
VGA port is connected, and if so, it adds it as a 
display. Otherwise, it disables VGA. | also added a 
line to echo some text to osd_cat. | installed this 
program so that | would get some output on the 
screen to let me know which mode my script had 
chosen. When I’m ready to output to a projector, 
| just connect it to my laptop and run the script. 
When I'm finished with the presentation, | disconnect 
it and run the script again: 


#!/bin/sh 


Order Today! 


email sales @he.net or call 510.580.4190 


he.net/ip_ transit 
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if xrandr | grep -q 'VGA connected'; then 
echo "LVDS + VGA" | osd_cat --shadow=2 --align=center 
»--pos=bottom --color=green --delay=2 
»--font=Lucidasanstypewriter-bold-24 --offset 40 & 
# choose my laptop screen's resolution by default, 
# if that fails try the auto-detected mode 
xrandr --output VGA --mode 1280x768@60 || xrandr 
»--output VGA --auto 
else 
echo "LVDS only" | osd_cat --shadow=2 --align=center 
‘»>--pos=bottom --color=green --delay=2 
»--font=Lucidasanstypewriter-bold-24 --offset 40 & 
xrandr --output VGA --off & 
fi 


| also created a separate version of the script 
that spans across both screens instead of mirroring. 
| chose to span below my current screen (with the -- 
below LVDS option), but most people probably will 
prefer to use --right-of or --left-of: 


#!/bin/sh 


if xrandr | grep -q ‘VGA connected'; then 
echo "LVDS + VGA span" | osd_cat --shadow=2 --align=center 
‘»--pos=bottom --color=green --delay=2 
‘»--font=Lucidasanstypewriter-bold-24 --offset 40 & 
xrandr --output VGA --mode 1280x768@60 --below LVDS || xrandr 
»--output 
VGA --below LVDS --auto 
else 
echo "LVDS only" | osd_cat --shadow=2 --align=center 
‘»--pos=bottom --color=green --delay=2 
»--font=Lucidasanstypewriter-bold-24 --offset 40 & 
xrandr --output VGA --off & 
Fi 


What's the Difference? 

Recently, | was working on a remastered Knoppix 
DVD that | had sent out to a few people. After | 
had sent out the full remastered DVD, | found 
out that | needed to change a few small files on 
the DVD. Even though my home DSL speeds are 
pretty fast, the upload is still slow enough that it 


What's better is that rdiff works with 
any binary—you can use it for any 
large binary files from DVD images 
to virtual disks to multimedia files. 


took overnight to transfer the 3GB+ DVD image. 
| didn’t want to go through that again, especially 
as | had made only minor changes to the DVD. 
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| knew that binary diff tools existed, but | 
discovered that not all of them are equal. Some 
binary diff tools require enough RAM to store 
multiple copies of the file, which certainly 
wouldn’t work with a 3GB image. Lucky for me, 
| found rdiff, a tool that works well with large 
files and doesn’t require a lot of RAM. What's 
better is that rdiff works with any binary—you 
can use it for any large binary files from DVD 
images to virtual disks to multimedia files. 

rdiff works via a three-stage process. In this 
example, | have two files, old.iso and new.iso, that 
have minor differences from each other. For the first 
stage, you create a signature file that rdiff uses to 
represent your original file: 


$§$ rdiff signature old.iso old.signature 


Now that you have a signature file, use it with 
rdiff to create a delta file that represents the differ- 
ences between the old and new files: 


$§$ rdiff delta old.signature new.iso new.delta 


This new.delta file is now all that anyone needs 
to convert old.iso to new.iso. For me, this file ended 
up being around 150Kb, because | had made only a 
few changes. The delta file was much simpler to 
send around than the full image. If you want to test 
that the delta file will work, first create an md5sum 
of new.iso: 


§ mdSsum new.iso 


Then, use rdiff to patch the old file with the 
delta to create the new file. This is the same 
command that everyone else with the original 
file will use: 


$ rdiff patch odl.iso new.delta newtest.iso 


Now that you have newtest.iso, create an 
md5sum of that file and compare it with the one 
you made for new.iso: 


§ mdSsum newtest.iso 


As | said before, this method works not only 
with ISOs, but also with any binary file large or 
small. It's worth noting that rdiff works with the 
same binary diff method rsync uses. rdiff just 
lets you use the algorithm step by step on the 
command line. m 


Kyle Rankin is a Senior Systems Administrator in the San Francisco Bay Area and 
the author of a number of books, including Knoppix Hacks and Ubuntu Hacks for 
O'Reilly Media. He is currently the president of the North Bay Linux Users’ Group. 
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Bruce Potter on Botnets: Understanding and Defense 
Peter Baer Galvin on Solaris 10 Administration 


Phil Cox and Brad Johnson on Securing Virtual 
Environments 


And over 20 other full- and half-day tutorials 


The latest systems research, presented in the 
Refereed Paper Track 


Keynote Address by David Patterson, Director, U.C. 
Berkeley Parallel Computing Laboratory, on “The 
Parallel Revolution Has Started: Are You Part of the 
Solution or Part of the Problem?” 


Plenary Closing Session by Matthew Melis of the 
NASA Glenn Research Center on “The Columbia 
Accident Investigation and Returning NASA’s Space 
Shuttle to Flight” 


Plus invited talks, guru sessions, poster and vendor 
sessions, BoFs, and more! 


Follow the icons... Choose one subject 
or mix and match to meet your needs. 


Sysadmin Coding 


an) 


Open Source 


Early 
Bird 
Discount 


register early and save! 


Register by June 6 and save up to $300 | www.usenix.org/usenix08/lj 
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SpectSoft’'s RaveHD Basic 


SpectSoft LLC has long provided its high-end, uncompressed video 
solution RaveHD to the big Hollywood studios. Now, the company 
aims to reach smaller studios with a number of lower-cost solutions 
in its new RaveHD Basic product line. RaveHD, says SpectSoft, is a 
“solid deck replacement”—that is, a Linux-based turnkey solution 
that offers the storage and tools needed to “bridge the film, video 
and data gap”, with source code available to its users for integra- 
tion. Some key features include uncompressed capture and playout 
of frame-based sequences (DPX), native database and configurable 
metadata, configuration for SAN support, batch capture and more. 


www.spectsoft.com 


. | Astaro’s Web Gateway 


% With its new Web Gateway, a line of all-in-one Web security 
appliances, Astaro further simplifies the task of Web security 
for small- and medium-size businesses. Web Gateway 
enables organizations to limit Internet use for business pur- 
poses, protect networks from malicious content and prevent 
virus and spyware infections, thus reducing legal risk. The products provide 
integrated URL filtering, malware detection, instant messaging and peer-to-peer application 

control, as well as bandwidth optimization to secure and control Web access completely. It also may be deployed 
as either a hardware or virtualized appliance and managed through a single browser-based GUI. 


www.astaro.com 


—— 


SlickEdit’s Core for Eclipse F SickES or Evipse 


Eclipse users keep getting more treats, the latest being SlickEdit Core Version 3.3. 
The product is a plugin for Eclipse that allows developers to use the SlickEdit code 
editor as the default within Eclipse. SlickEdit Core consists of the SlickEdit editor, 
seven additional views and the DIFFzilla differencing engine. The combined func- 
tionality is said to “offer greater editing power and better speed in navigating code, 
allowing even the most accomplished power programmers to be more productive”. 
The new version is for Eclipse 3.3 and CDT 4.0. 


www-slickedit.com 


Protecode Plugin 


Protecode has unveiled the Protecode plugin, a software development tool that unobtrusively manages IP by 
detecting and logging 100% of the content entering a software project. Protecode logs, identifies and reports 
pedigree and licensing information associated with external content in any stage of software development 
projects. Protecode automatically creates a software “bill of materials” and manages compliance with an 
organization's IP policies, offering a clean pedigree that ensures developers/contributors are using licenses 
accurately. Protecoding (coding with the Protecode plugin as part of the development environment) frees 
developers from having to understand open-source rules and licenses. Initially launched for Eclipse with Java 
and C/C++, the plugin will expand later into other languages and infrastructures. 


www.protecode.com 


@ protecode 
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NEW PRODUCTS [J 


XAware Open Source Data Integration Plugin for 
Salesforce.com 


Illustrating how everyone can use a little open source, XAware announced a new plugin for Salesforce.com users that 
enables additional control over customer data and extension of capabilities of the popular SaaS platform. One can 


~ “migrate, manage, share and mashup data from various systems”, says XAware. XAware also features an Eclipse-based 
= design environment and an Eclipse plugin to the many developers who use it as their standard development environment. 
s The XAware plugin is available at the company’s Web site or from Salesforce.com's AppExchange. 
> Www.xaware.org 

. . : . 
Michael K. Johnson and Erik W. Troan’s Linux . 


Application Development (Addison-Wesley) 


Michael Johnson and Erik Troan have spiffed up their book Linux Application Development enough 
to warrant this new, second edition. Published by Addison-Wesley, the book presents key APIs and 
techniques one needs to create robust, secure, efficient software or to port existing code to Linux. It 
further offers “deep coverage of Linux-specific extensions and features”. The new edition has been 
updated for the Linux 2.6 kernel, the GNU C library version 2.3, the latest POSIX standards and the 
Single Unix Specification, Issue 6. 


www.informit.com 


Allen Sherrod’s Game Graphics Programming 
@vimenwsiies (Charles River Media) 
PROGRAMMING 


Suddenly Charles River Media is on a tear to get out more Linux and open-source book titles wor- 
thy of your attention. Case in point is Allen Sherrod’s Game Graphics Programming, which the 
publisher claims is the only book that teaches the fundamentals of game graphics programming. 
The title covers topics such as an overview of game graphics, 2-D and 3-D through shaders, soft- 
ware rendering, ray tracing, mapping surfaces, reflections and refractions, lighting, global illumina- 
tion, optimization, shadows, high-dynamic range and other special effects. A software rendering 
system and ray tracer are included, allowing users to work through the projects and demos in 
each chapter. All demos (except DirectX) have Linux, Mac and Windows versions. 


www.charlesriver.com 


CodeWeavers’ CrossOver 
Games Beta 


Okay, game geeks, you’re getting your wish. CodeWeavers is now 
shipping CrossOver Games, a download-only application that allows 
you to play tons of popular Windows-based games on either a Linux 
or Mac OS without the need for a Windows license. Some of the titles 
you can play include Team Fortress 2, World of Warcraft, Civilization 4, 
Guild Wars, EVE Online, Peggle, Counterstrike Source and others. 
CodeWeavers is one of the lead sponsors of the Wine Project, on 
which the company’s products are based. The purchase price includes 
12 months of free product support and software updates. 


www.codeweavers.com 


Please send information about releases of Linux-related products to James Gray at newproducts@linuxjournal.com or New Products 


c/o Linux Journal, 1752 NW Market Street, #200, Seattle, WA 98107. Submissions are edited for length and content. 
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Fresh from the Labs 


A look at promising software in development. JOHN KNIGHT 


Minirok 
(chistera.yi.org/~adeodato/code/minirok) 


This is a lovely little application that gives you very little grief. 
Think halfway between Amarok and Kaboodle, and you'll get 
the idea. For those of you who just want to play a few files at 
a time and hate fancy music players with more features than 
you could ever want, Minirok is for you. The player is minimal- 
istic and dressed-down, but it still allows for features, such as 
playlists, skinning, Last.fm support, keybindings and DCOP 
support for KDE integration. According to Minirok’s Web site: 


Minirok is a small music player for the K Desktop 
Environment. As its name hints, it’s modeled after 
Amarok, but with a reduced set of features. In particular, 
it is designed to cover all the needs and wishes of the 
author, leaving everything else out. The look and feel is 
almost identical to Amarok’s, though. The main interface 
is a tree view of the filesystem, with a playlist that 
can be populated only via drag and drop. There is no 
collection built from tags, so it’s targeted at people 
whose collections are already structured in a tree at 
the filesystem level. Searches can be performed both 
in the tree view and the playlist. 


Fie Zettings Help 


& Seech 


fer a drectory here 


Figure 1. For those sick of do-it-all players, here’s the wonderfully 
simple Minirok. 


Installation If you head to the Minirok Web site, both 
tarballs and .debs are available (the Debian packages are a 
little bit older than the source tarballs). As far as dependen- 
cies go, aside from PyQt and PyKDE, the only dependency 
that’s relatively obscure is python-mutagen—a Python mod- 
ule that handles audio metadata. Apt users should be able 
to install the module via the following: 


# apt-get install python-mutagen 


42 | june 2008 www.linuxjournal.com 


After this command, the .deb should install, and the 
tarball should build with no trouble. To install the .deb 
package, open a terminal to the directory the .deb sits in, 
and use the command: 


# dpkg -i minirok_0.7-1_all.deb 


To install via source, download and extract the tarball. 
Open a terminal in the new directory, and enter the command: 


# ./setup.sh install 


Usage Minirok should be in your menu under 
Multimedia. If not, simply run the command minirok. 
Once you're in, just click and drag a folder or MP3 into 
the window pane on the right. As far as controls go, the 
button on the bottom right that looks like a window 
clears the playlist, so if you've made everything cluttered 
and want to start fresh, there's your button. Otherwise, 
it's a simple case of skip forward or back a track, stop, 
play/pause and a slider bar. On the left are two buttons: 
the first, a downward-pointing arrow, is for repeat, and 
the second, a right-pointing arrow, is for randomizing. 
And, that's about it—really, really nice and minimal! 

For the moment, things are fairly stable due to a minimal 
interface, with only the occasional bug. | found that it didn't 
like some kinds of MP3s, and sometimes it doesn’t lead onto 
the next track on a playlist, but those issues seemed to be 
fixed in the latest tarball. Overall, this project’s been my 
favourite this month. It fills a niche and doesn’t give you all 
that installation grief. 


Perfect Match 


(pmatch.rubyforge.org) 


If you're looking for a good tool for finding duplicate files, this 
is it. I've been researching these tools for a while, but | didn’t 
trust any to touch my filesystem, as many of my duplicate files 
are there on purpose. Perfect Match (or pmatch for short) is 
non-destructive. Using the default options simply prints out a 
list of what files are duplicated and lets you decide for yourself 
which ones you'd like to remove. 

As for goals and aspirations, according to author Tomasz 
Muras’ Web site: 


Some time ago, | was looking for a utility that would 
find (and possibly remove) duplicate files. | have 
found a few of them but none was complex enough 
for what | wanted...hence the idea of Perfect Match! 
My main requirements were quick compare—that is, 
first compare files based on size, then hash—and to 
perform some logic when choosing which duplicate 
should be removed. 


Installation For the moment, there is no installer available 
for pmatch, so you'll have to take a few steps here and there, 
but thankfully, not too many, as it’s a small project. The main 
dependency is Ruby, and a subproject called RubyGems—a 
system for managing Ruby software libraries. Chances are that 
RubyGems already is in your distribution’s repository, so doing 
a simple: 


# apt-get install rubygems 


will work for most people. If not, check out the RubyGems 
home page (rubgems.org). Once RubyGems is installed, you'll 
need a gem called log4r. Use the following command: 


# gem install log4r 


Once those two steps are out of the way, you're ready to 
download pmatch. Head to the project's Web site, and save 
the tarball to your hard drive. For some reason, none of my 
GUI archive tools liked the tarball, so open a terminal to the 
directory it sits in, and enter the command: 


$ tar -jxf pmatch_0.2.tar.bz2 


From here, pmatch is ready to use, but only locally via the 
command ./pmatch. To install pmatch system-wide, enter the 
following two commands: 


# cp pmatch /usr/local/bin/ 
# chmod 755 /usr/local/bin/pmatch 


From here on, any user should be able to use pmatch at 
any time. 

Usage To use pmatch in its basic form, enter the 
command pmatch followed by the directory you want to 
examine. As an example, after doing so, | received the 
following shell output: 


nhoj@ubuntu:~$ pmatch musostuff/storm-day/ 

rm musostuff/storm-day//verse2/raw-drums.wav 

rm musostuff/storm-day//sessions/steve-17-06-06/verse-drum-track.wav 
rm musostuff/storm-day//sessions/nhoj-session-26-2-06/session2.wav 


rm musostuff/storm-day//sessions/nhoj-session-26-2-06/sessionl.wav 


Don't freak out when you see an rm followed by a file- 
name. These are purely recommendations for the moment. 
If you actually want to perform these changes, you can do 
so by piping the command through to bash, like so: 


$ pmatch musostuff/storm-day/ | bash 


Now these commands actually will execute and remove 
said files. For more advanced usage and information on how 
pmatch works, check the Usage section of the Perfect Match 
home page. 

Overall, this is a handy little project, which probably will 
make it into many users’ toolkits and hopefully into distro 
archives. Once the project has fully matured, | wouldn’t be 
surprised to see some GUI front ends making their way to 
our desktops. 


FpcBol 


(fpcbol.sourceforge.net) 


| thought I'd finish this article with what has to be one of 
the quirkiest and most colorful projects I've come across— 
FpcBol. A desktop for children, FpcBol (or bol for short) is 
designed to be colorful and easy to use, with icons only 
(no menus), along with parental controls, and it’s trim 
enough to work on older PCs. That all sounds cool, and 
some of it we've seen before, but the desktop and inter- 
face are the strangest I've come across and unlike anything 
I've used before—not necessarily a bad thing! Are you as 
intrigued as | was? Follow me.... 

Installation First things first, the installation side of 
things is unfinished and in a state of flux. Florence Mathias 
(the project maintainer) and | were actually working 
together in a way on this one. He was changing the instal- 
lation scripts daily while | gave him feedback. | thoroughly 
recommend checking out the How-To section on the pro- 
ject’s Web site (itself simply a collection of colorful pictures 
and screenshots). With bol being based on Free Pascal and 


Figure 2. The Gorgeous Visuals of FpcBol 


Figure 3. FpcBol Transformed in Its Crazy Help Mode 
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SDL, there are a number of obscure requirements and the 
How-To section has pictorial instructions of steps to take 
on individual distributions. 

When you're ready to download the source tarball, click on 
the FpcBol picture on the Web site, which will take you to the 
SourceForge page's file archive. Once downloaded, extract the 
tarball, and open a terminal in the new directory. To any users 
of Debian-based systems, such as Ubuntu, MEPIS and so on, | 
thoroughly recommend running the install_debian script—it 
downloads all of the needed dependencies and will save you a 
great deal of frustration: 


# ./install_debian 


To start the installation, use the self-proclaimed ugly install 
script as follows (as root or sudo): 


# ./install 


The script will go through a series of dependency and config- 
uration checks. To start, it will see if you have something called 
bol.icone and download the latest for you if you don’t (you 
won't, unless you've been through this process before). This is 
about 20MB, so go make a cup of tea and come back again. 

A tricky error that probably will come up is a message saying: 


jedi-sdl not present 
untar sdl.tar.gz (tar xvfz sdl.tar.gz) under 
/usr/lib/fpc/<version>/units/<cpu>/sdl 


Look in the sources directory of bol, and you'll find a file 
called sdl.tar.oz. As root, copy it to your needed directory 
(/usr/lib/fpc/2.0.4/units/i386-linux in my case), change to that 
directory and extract the archive. Rerun the install script, and 
you should make it past this stage. If not, check that you have 
extracted sdl.tar.bz to the right directory. 


check your local file /etc/Id.so.conf to make sure it has the 
following lines: 


/1ib 

/usr/1lib 
/usr/local/lib 
/usr/X11/1ib 


If these areas have all passed, a lovely little part of the 
program pops up with a spinning cube to test whether certain 
parts of bol will work in advance. Click on the small cube, and 
answer Y if it worked. If not, you're probably missing some 
needed libraries. After this, the script will ask you for the path 
to your mail reader and provide an example path for you. 
Enter the path for your favored mail application, and this 
should be the end of the script. Note that a script to install 
local configuration files for individual users is also provided. 
If you want to do this to make the first run cleaner, run the 
script by entering the following: 


# ./install_users 


Phew! That was a long one, but a cleaned-up installer is on 
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the to-do list for this project and may well be perfected by 
the time you read this. Some instructions are provided in the 
script, along with README files on how to integrate bol into 
your login menu, but I'll let you read that yourself. 

Usage You can fire this up straightaway on top of another 
desktop, so let's go through that for now, and you can take it 
from there. Open a terminal, and enter: 


$ /usr/local/bol/lance_bol 


A bunch of initialization info will pass through the ter- 
minal before you're suddenly greeted by a crazy rotating 
cube in full-screen. | think this may be some kind of load- 
ing screen (I don’t know), but the cube is cool. After a few 
seconds, your desktop will start changing, with a new 
background and a translucent rectangle (the workbench) 
at the top of your screen. The workbench is the part that 
drives bol, so let's concentrate on that. 

The lower icons are application buttons. Hover your 
mouse over them, and they'll do a cool animation, and the 
name of the application will appear at the top of the work- 
bench. Left-clicking on it will launch it. The heart icon rep- 
resents favorites. Clicking it will change the lower icons to 
a favorite applications list. If you want to clear up your 
screen from clutter, the icon fifth from the right will show 
only the desktop and minimize everything else. What's the 
important button? Click the blue one with a question mark, 
third from the right—it's the help button! Your screen will 
suddenly be taken over by an assortment of writing and 
colors—it was so crazy | had to take a screenshot. 

When you've had enough, double-click the red button 
on the right, and a confirmation screen will take over the 
workbench, telling you to right-click to exit (you'll see what 
mean). Upon exiting the desktop, you'll be greeted by the 
cube again, but this time in reverse...groovy! 

FpcBol is one of the craziest projects I’ve seen in a while. 
ts lack of menus may appeal to noncomputer-literate users. 
The graphical intensity will appeal to children, with moving 
icons, gorgeous colors and changing desktop backgrounds 
of interesting scenery. All in all, everything is gorgeous- 
ooking and very...French! Kids will love it. The end result is 
definitely worth it, even if the installer is cumbersome at 
times. At the time of this writing, FocBol just hit 1.0 alpha, 
and it may hit full release by the time this prints. Florence 
could do with a hand to complete things, particularly with 
improving the English and the installation scripting, so if 
any coders out there are fond of the project, why not help 
him out? There also isn’t much documentation for the GUI 
and some of the cooler aspects like Parental Control and its 
log files, so I'd be keen to see how FpcBol turns out after 
gaining a decent audience.m™ 


John Knight is a 23-year-old, drumming- and climbing-obsessed maniac from the world’s most 
isolated city—Perth, Western Australia. He can usually be found either buried in an Audacity 
screen or thrashing a kick-drum beyond recognition. 


Brewing something fresh, innovative, or just a little crazy? 


Send me e-mail at knight.john.a@gmail.com. 
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Figure 1. One 
Tricked-out XO at 
Studio Dave 


Sounding Out with the 


OLPC XO 


this year, | received an 
XO laptop from the One Laptop Per 
Child (OLPC) Project, thanks to a kindly 
recommendation from my friend Dr 
Richard Boulanger, professor of music 
synthesis at the Berklee College of 
Music. Rick knows that | maintain a pri- 
vate teaching studio and that many of 
my students are youngsters who would 
love to play with the XO. He also knows 
that | have a twin interest in Csound 
and Linux audio development, two 
rather significant aspects of the 
machine. Thus, this article focuses on 
my experiences so far with the XO's 
audio subsystem and its sound and 
music software. My students have had 
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only brief exposure to the machine, but 
| conclude with some remarks concern- 
ing their interaction with the XO and its 
audio capabilities. 


There's plenty of material on the Web 
that describes the XO in minute detail, 
so here | recap only the most salient 
features of the machine. 

The XO laptop (Figure 1) is small and 
lightweight without feeling flimsy or 
poorly constructed, and the few mobile 
parts are connected firmly at their 
joints. The display swings up from the 
base and can be rotated 180 degrees 
left or right in its upright position. It 
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also can be tilted slightly backward. The 
keyboard is a single rubber membrane, 
designed for kid-size fingers, but ham- 
handed adults like yours truly can plug 
in a USB keyboard if necessary. A two- 
button touchpanel replaces the mouse, 
though currently only one panel and 
one button are active. That's not a prob- 
lem, because only the pointer control 
and an entry button are required to 
navigate the GUI. 

I'm impressed by the thought that 
has gone into the design of the XO. At 
every level, | find consideration for the 
user's experience, from the design of 
its battery pack to the excellence of its 
display resolution. In fact, when I've 


shown the machine to friends, they've 
all especially admired the handle and 
wondered aloud why their laptops 
didn’t include one. 

On the software side, the XO is 
powered by a modified version of 
Fedora Core with a 2.6.22 Linux kernel. 
The GUI is the renowned Sugar, a 
Python-based graphic interface that 
is singularly unlike the typical Linux 
desktops with which I’m familiar, and 
the Linux command-line is easily available 
at any time. 


Audio Hardware and 
Capabilities 

The XO’s CPU is a 433MHz AMD Geode 
LX-700. The laptop's multimedia capa- 
bilities are provided by the Geode 
CS5535/CS5536 companion chipset. 
According to the Wikipedia page on the 
Geode, the CS5535 is a “...Southbridge 
for Geode GX and Geode LX...[that] 
integrates four USB ports, one ATA-66 
UDMA controller, one infrared commu- 
nication port, one AC97 controller, one 
SMBUS controller, one LPC port, as well 
as GPIO, Power Management, and legacy 
functional blocks”. The processor's 
AC97 controller is of central importance 
to this article, along with the possibili- 
ties afforded by the USB support, so 
let's consider exactly what that AC97 
is and what it does. 

In 1997, Intel developed an audio 
codec to provide high-quality audio ser- 
vices for motherboards, modems and 
sound hardware. The AC97 defines a 
high-quality audio architecture with a 
sampling rate of up to 96kHz for stereo 
and 48kHz for multichannel digital 
audio recording and playback, with bit 
depths up to 20 bits. The AC97 became 
very popular with manufacturers and is 
found on most desktop machines, 
though it has been superseded recently 
by Intel’s HDA (high-definition audio). 
The codec is divided into a digital con- 
troller and an analog stream handler, 
effectively combining the analog-to-digital 
and digital-to-analog converters in a 
single package (an appealing feature for 
hardware designers). By the way, Intel's 
use of the word codec here refers to the 
encoding/decoding of analog-to-digital 
and digital-to-analog streams, as distinct 
from binary compression/decompression 
codecs such as MP3, Ogg or WMA/WMV. 

The AC97 implementation for the 
CS5535 comes from an integrated 


Analog Devices AD1888 chipset that 
provides up to six channels of digital 
or analog audio output. The AD1888 
is notable also for its direct connection 
to the core CPU, a cost-saving factor 
that accords nicely with the XO’s 
overall design. The XO also uses another 
Analog Devices chipset (the SSM2211) 
for audio amplification. 

So much for audio on the inside. 
On the outside, we find an integrated 
microphone, two integrated speakers 
and jacks for stereo audio output (to 
headphones or other speakers) and for 
a monaural microphone-level input. 
The jacks are standard consumer-grade 
sound-card connectors that take 3.5mm 
mini-plugs, and I’m happy to report that 
connections to those jacks are firm and 
steady. The jack functions also are rede- 
finable with the alsamixer utility, but | 
did not experiment with this feature. 
See the OLPC Wiki page on the XO's 
audio hardware for more information 
about redefining the audio I/O ports. 

The XO also includes three USB 
ports. Obviously, these ports can 
be used to expand the machine's 
audio capabilities by adding a MIDI 
interface or a higher-quality digital 
audio interface. 


The Software Side: System 
Audio Support 

My machine runs the ALSA sound sys- 
tem in version 1.0.14. Running dmesg 
reports that the ALSA device list consists 
of the CS5535 audio hardware at base 
address 0x1480 on IRQ5, and modinfo 
reports that the cs5535audio driver 
includes only one significant option, 

a workaround for certain faulty AC97 
implementations. 

Under normal circumstances, ALSA 
is completely transparent to the user. 
Activities (that is, the XO’s programs) 
access the kernel sound services with no 
intervention from the user, and sound 
pours forth from the speakers. The 
expected ALSA utilities are all available 
from the command prompt, though 
only to the root user. Alsamixer correctly 
identifies the CS5535 as the sound card 
and the AD1888 as the audio chipset, 
and the range of mixer controls is 
impressive, particularly with regard to 
the surround sound capabilities of the 
AC97. Given this transparency, there 
isn’t much else to add regarding ALSA 
on the XO. However, readers who want 


to know more details about the CS5535 
audio driver should read the papers 
by Jaya Kumar, developer of the 
cs5535audio driver (see Resources 

for links to his presentations at the 
Linux Audio Conference 2007 and at 
FOSS/India 2006). 


Sound and Music Activities 
The XO is designed for the explorative 
mind. With regard to basic sound, the 
default system provides activities for 
simple audio recording and playback in 
various formats. However, the system’s 
real audio attractions are found in the 
TamTam activities. 

TamTam is a suite of four programs 
designed for exploring and experiment- 
ing with sound and music creation. At 
irst glance, they may seem to be attrac- 
ive toys, but | can verify that these 
applications are powerful enough to 
keep experienced musicians busy with 
heir possibilities. The TamTam designers 
have created a unique blend of Python 
and Csound and presented the concoc- 
ion to the user in an interface that 
completely conceals its technical 
foundations. The GUls are easy to 
comprehend, and users need no 
knowledge of Csound or Python or 
even music to start composing, jamming 
and making their own sounds. 

Alas, there isn’t space in this article 
to describe each program in the suite 
fully, so | present each application briefly 
and advise interested readers to listen to 
the XO audio demos I’ve posted at 
linux-sound.org (see Resources). 

The TamTam Mini (Figure 2) is an 
introductory-level program for very 
young users. The Mini is essentially a 
preset-style synthesizer played with the 
computer's keyboard. Users select an 
instrument from the display, and then 
play it by pressing the keys Z through M 
(lower octave) and Q through | (higher 
octave). A drum set can be added to 
create a looping play-along beat (with 
the start/stop button), and further con- 
trols include sliders for master volume, 
tempo, beat complexity and number of 
beats per bar. Sliders also are included 
for balance (that is, panning) and a 
reverb effect. All controls are usable in 
real time, and users’ jams can be 
recorded for later playback. Finally, in 
accord with the XO’s design philosophy, 
Mini also supports collaborative play 
between multiple machines, with all 
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Figure 3. TamTam Jam 


players synchronized to a shared beat. 
TamTam's Mini may be simple in its 
operation, but it is a sophisticated learn- 
ing tool that succeeds at being instruc- 
tional and fun—a winning design for 
enticing children into learning more 
about music and sound. 

The TamTam Jam (Figure 3) is the 
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XO's main music performance activity. 
As with the Mini, users select sounds 
from the display and play them via the 
computer keyboard. A beatbox-style 
drum machine is available for accompa- 
niment grooves, and a sequencer is 
provided for recording phrases played 
on the keyboard. Jam also is targeted at 


younger users, but it is a much more 
sophisticated program. Polyphonic 
playing is supported, and users have 
full control over the accompanying 
sequences and their instrumentation. A 
virtual band can be formed with a drum 
set and up to five instruments, and each 
instrument is coupled to a series of 
sequence loops selected from the Loops 
display. These loops can be added or 
deleted in real time, and right-clicking 
on the loop invokes its editor. The loop 
editor controls the number of beats 
within the loop and its “regularity” (a 
randomization control), and a mini- 
piano roll editor lets users redefine the 
notes and their order within the loop. It 
won't take long before users realize that 
Jam is a powerful MIDI sequencer that 
can make music in almost any style or 
degree of complexity. 

TamTam’s Edit (Figure 4) is a music 
composition/generation program that 
can be employed as a more-or-less con- 
ventional five-track MIDI sequencer or 
as a user-definable musical automaton. 
Beyond its transport controls, Edit’s 
toolset differs between its two modes. 
Compose mode includes Select, Draw 
and Paint tools; volume and tempo 
sliders; and controls for recording from 
the computer keyboard and saving your 
work as an Ogg file. Generate mode 
includes only three tools, a Generate 
Tune toggle and dialogs for the music 
generation parameters and for other 
general properties of the sequence. The 
generation dialog has a cool interactive 
graphic interface for setting the condi- 
tions for each generated event's rhythm, 
pitch and duration. Pitch material can 
be defined further with selections from 
seven scales and four randomization 
modes, any of which can be defined 
in real time. 

Playback can be limited to a single 
sequence to create a real-time loop 
composition environment. Sequences 
can be selected in noncontiguous order 
with a Ctrl-left-click, although playback 
is always from left to right. Hold and 
sweep with the same key combination 
selects multiple continuous sequences. 

Edit is an impressive toolkit for 
serious music composition, whether in 
real time or off-line. I've worked with 
dozens of music generation programs in 
text-based and graphic interfaces, and 
few of them are as well designed as 
Edit. In software reviews, the word 
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flexible is usually overworked jargon, 
but it applies neatly to Edit. The pro- 
gram supports a variety of approaches 
to music composition, from the strictly 
deterministic to the utterly aleatoric, 
and it presents itself with an interface 
that welcomes interactivity. Edit has its 
limits, but within those limits, it is one 


Envelope 


of the coolest music programs I’ve used 
to date. 

The TamTam SynthLab (Figure 5) is a 
sound design laboratory for advanced 
students. According to the TamTam 
Wiki, the SynthLab is modeled on 
the famous Max/MSP, a graphic envi- 
ronment for music composition and 


multimedia development, but it reminds 
this reviewer of PatchWork, an ancient 
editor for Csound instruments. In 
SynthLab, as in the older program, icons 
representing synthesis primitives are 
wired together to create a patch—that 
is, anew sound. SynthLab provides 
modules for sound generation (FM, 
sample playback, granular synthesis), 
modulators (LFO, envelopes) and effects 
processors (delay, reverb, chorus) that 
can be wired together in arbitrary con- 
nections to create new sounds, all in 
real time, of course. These sounds can 
be played on the computer keyboard 
and/or saved to any of eight slots 
reserved for use in TamTam Mini. 

The TamTam suite is a great achieve- 
ment, particularly when considered in its 
hardware context. It certainly proves a 
point about efficient program design, 
and there were many times when | 
forgot that the TamTam software was 
doing its stuff on a machine with a 
433MHz CPU. It also proves a few other 
points about leveraging the power of 
contemporary Csound and Python. 
Those languages have been developed 
for excellent real-time performance, a 
factor well exploited by the TamTam 
programs. Vast thanks and praise must 
go to Jean Piche, TamTam’s master 
architect and to his crew of talented 
developers for coming up with this most 
fascinating, instructive and hugely fun 
group of activities and for giving it to 
the children of the world. (And, yes, 
that includes children of all ages.) 


Media Players 
| knew that the XO was able to play 
media files in various formats, but at 
first | was mystified as to how to access 
such files. The Sugar interface doesn’t 
provide a file manager a la Nautilus or 
Konqueror. Instead, the Journal activity 
lists all work done on the machine in a 
kind of diary. All saved work also is listed 
there, including recordings and other 
media files, and | needed only to double- 
click on an item to view or listen to it. 
Players are invoked automatically for a 
selected file. On the base system, | had 
no trouble playing MP3, Ogg and WAV 
audio with the players in the eToys and 
Browser activities (Figure 6). | also played 
video files in AVI, MPG and Ogg formats, 
with the understanding that playback was 
not likely to be cinematic with a 433MHz 
CPU. However, videos made on the XO 


www.linuxjournal.com june 2008 | 49 


Figure 6. The eToys MP3 Player 


are recorded at 30 frames per second 
and played smoothly (in their original 
640x480 resolution) when transferred to 
my more powerful desktop machines. 


Simple Recording 
Audio recording on the XO is done with 
the Recorder activity, a simple utility for 
capturing pictures, video and sound. 
After selecting the particular media task, 
a “ready to record” icon appears (an eye 
for video and lips for audio). Click the 
icon to start recording, and click it again 
to stop the process. The file is named 
and saved automatically, and it can be 
previewed directly from the Recorder. 

| tested the audio recorder with the 
internal microphone and with an inex- 
pensive external mic. To its credit, the 
internal mic recorded with less noise 
and a stronger signal. I've since decided 
to do all casual recording on the XO 
with its own microphone. Settings for 
the microphone input level (and all 
other audio channel levels) can be 
managed with alsamixer or any similar 
sound card mixer, but | found the 
default levels to be adequate under 
relatively calm acoustic conditions. 


A Word about the Speakers 
The XO’s internal speakers are okay for 
basic purposes, but they will not provide 
high-fidelity sound. For a better audio 
experience, | suggest either good-quality 
headphones or a set of powered exter- 
nal speakers. Surround sound playback 
is supported by the XO’s audio chipset, 
so you may want to attach a 5.1 sys- 
tem. Alas, | was unable to find technical 
specifications on the integrated speak- 
ers, but it's obvious on listening that 
bass response is almost nil, which gives 
the audio a thin and tinny sound. This is 
especially unfortunate with regard to 
the TamTam software—it simply sounds 
far better on external speakers. 
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The Csound/Python Connection 
Thanks to the pioneering work of 
Michael Gogins, Steven Yi and other 
developers, Csound now includes a 
number of Python-related opcodes. 
Python is rather ubiquitous in the XO's 
software structure, and Csound is the 
audio engine for the machine, so it’s a 
wrap that the XO might be an excellent 
platform for experimentation with the 
world’s most powerful music and sound 
programming language. Alas, I’ve run 
out of space to describe adequately the 
XO's Csound/Python potential in this 
article, but | can recommend interested 
readers to the OLPC Wiki page on 
Csound. A few pointers to relevant pro- 
jects and activities can be found there, 
and further information can be discov- 
ered in the Csound mailing list and its 
archives. Jean Piche and Rick Boulanger 
are Csound gurus, so | have great 
expectations for working with the 
language on this machine. If TamTam 

is any indicator, the creative possibilities 
are truly impressive. 


Critical Remarks 

| loaned the machine to two students, 
both of whom had trouble figuring out 
how to save their work. They discovered 
how to use the Recorder and other 
activities with little difficulty, but the 
Save procedure was dark to them until 

| explained the Journal and its functions. 
Documentation is entirely Web-based, and 
the students said it was a hassle to switch 
between the Web browser and their cur- 
rent activity. Of course, once they learned 
how to use the Journal, all was well. 

The only other problematic area 
for me was the wireless connectivity. 
Connections are hard to come by in my 
area, and | would have been happier with 
an Ethernet port. However, | understand 
the design consideration, and my USB-to- 
Ethernet adapter is already on order. 


If you've been waiting to purchase 
one machine for yourself or thousands 
for children in the remoter parts of the 
globe, just do it. The XO is intended to 
spread happiness and joy throughout 
the world, but the project needs your 
help to achieve this lofty goal. See the 
OLPC Wiki for more information on 
how you can get on board. 

So, do | like the XO? | Jove this 
machine, and | heartily recommend it to 
anyone anywhere. It squeezes more juice 
from a relatively low-powered CPU than 
| would have thought possible, the 
TamTam software's performance is nothing 
short of astonishing, and the fun factor 
scales right off the charts. The XO gets 
five stars for overall excellence, and if | 
had to choose a single word to describe 
the machine and the experience of using 
it, that word would be joyous.m™ 


Dave Phillips is a professional musician and writer living in 
Findlay, Ohio. He's been using Linux since the mid-1990s and 
was one of the original founders of the Linux Audio Developers 
group. He is the author of The Book of Linux Music & Sound 
(No Starch Press, 2000) and has written many articles on 
Linux music and sound issues for various journals and on-line 
news sites. When he isn’t playing with light and sound, he 
enjoys reading Latin literature, practicing t'ai chi, chasing 
shar-pei puppies and spending time with his beloved Ivy. 


Resources 


A TamTam Mini Example (Ocarina Jam): 
linux-sound.org/audio/ 
tamtam-mini-example.ogg 


A TamTam Edit Example (Default 
Compose): linux-sound.org/ 
audio/tamtam-edit-example.ogg 


Jaya Kumar's Paper for LAC 2007: 
www.kgw.tu-berlin.de/ 
~lac2007/papers/lac07_kumar.pdf 


Jaya Kumar's Slides from FOSS/IN 2006: 
https://foss.in/2006/cfp/slides/ 
ALSA_and_OLPC_audio_82.pdf 


The OLPC Wiki: wiki.laptop.org/go/ 
The_OLPC_Wiki 


Wikipedia on the XO: 
en.wikipedia.org/wiki/OLPC_XO-1 


See also YouTube for video demonstra- 
tions of various aspects of the XO. 
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SOFTWARE 


Need a Script? 


Take a hike, ScriptBuddy. Move over, Final Draft. It's CeltX’s turn in the spotlight. DAN SAWYER 


Of all the things a body can write, a 
great number of them these days 
require something a little different from 
the good-old word processor. Podcasts, 
corporate video presentations, radio 
and television advertisements, short and 
feature films, stage plays, animations, 
training videos and television shows all 
require scripts. More than that, they 
require scripts written to particular 
formatting standards. 

Those formatting standards are strin- 
gent—an improperly formatted script 
won't be looked at twice by people 
who are used to working with proper 
scripts. When one is writing a book or 
an article, most of the work can be 
done in a simple text editor—almost 
everything that comes with a modern 
word processor is related to typesetting, 
which can be done as a whole separate 
step if one so desires. With scripts, the 
story is somewhat different. When you 
write for a script-based medium, the 
physical format of the script dictates a 
series of storytelling conventions that 
are enforced by the typesetting struc- 
ture. Attempting to write a script with- 
out effective typesetting is a pain—the 
formatting gets in the way of the 
creative process. 

In the bad-old days, there basically 
were two options (other than writing it 
out by hand and having a minion type it 
for you): 


1. You could format on the fly as 
you go using tabs, carriage returns 
and spaces. 


2. You could create a template for 
OpenOffice.org or a comparable 
word processor. 


The former, as | alluded to already, is 
a major pain. The latter has the problem 
of not giving you the full range of flexi- 
bility sometimes needed in scripts, such 
as subscript or superscript annotation or 
simultaneous dialogue. 

Writing a proper script requires a 
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DOROTHY, TIN MAN, SCARECROW and TOTO walk through a thick 
forest in the Land of Oz. Dorothy carries a basket, the Tin 
Man carries an axe and an oil can. The road is paved with 


yellow brick and is covered 
leaves. The Emerald City is 


DOROTHY 
It’s really scary 


They hear a deep growl from 


DOROTHY 
What was that? 


SCARECROW 


with dried branches and dead 
seen far in the distance. 


in these woods! 
wild animals in the trees! 


(cont'd) 


Hopefully not a beast who likes to 


eat straw! 


Toto stands at attention with his ears perked up. 


DOROTHY 


How much longer before we are out 
of this forest Tin Man? I don’t 


like it here! 


TIN MAN 


I really can’t say. I’ve never been 
to the Emerald City. My Father told 
me that it is a long and dangerous 


journey! 


I am not worried because I 


have my oil can for my joints. 
Besides, you have the kiss from the 
Good Witch. That will protect us 


from harm! 


Figure 1. A Properly Formatted Industry-Standard Screenplay 


specialized tool, and specialized tools 
are expensive. In recent years, a number 
of commercial tools have grown up to 
address this need. However, the result- 
ing commercial tools, such as Final 
Draft, are expensive and many have a 
reputation for being difficult to use and 
(in some cases) unreliable. None of 
these tools run on Linux without a 
bottle full of Wine and a couple good 
shots of whiskey, and even then your 
mileage may vary. 

Last summer, however, a new tool 
emerged from a tortuous two-year beta 
period and attained usability—Celtx. 

CeltX is the brainchild of a 
Newfoundland-based company that 
formed in 2005 and aimed to create the 
ultimate open-source screenwriting and 


preproduction program. After some 
early failed experiments with proprietary 
file formats, the project settled on an 
open system based on Mozilla and 
using XML, HTML and open-standards 
graphics formats to do its work. 

Far more sophisticated than a 
mere document template, CeltX has 
all the tools a writer needs to develop 
a script from a single line concept 
through to a salable final draft. 
Beginning with a “text editor” that 
works more like a stripped-down ver- 
sion of OpenOffice.org Writer than it 
does like gedit, writers can input their 
notes organized in whatever way they 
find most useful—for example, creating 
a separate text file for every subplot or 
for every character's individual arc, in 


KEVIN 
way out. 
SARAH 
And what good will that 


do? It’s not like we can 


Frappuccino. 


Well, we've got to dig our 


nip down to Starbucks for a 


Katy leans over and kisses Carol good morning. It’s obvious 
that they are, or have been, lovers. 


KATY 
Love the party atmosphere. 


CAROL 
(smiles mischievously) 
Oh, they’1l be 
fine. Edelle. 


Figure 2. Simultaneous Dialogue from the Forthcoming ArtisticWhispers Film Down From Ten 


Figure 3. A character dossier from CeltX’s “Wizard of 0z” sample project—notice the hierarchical 
project tree in the sidebar to the left. 


order to concentrate on the different 
threads of the story before marrying 
them together. 

This ability to organize different 
items hierarchically doesn’t stop with 
the text sheets—a number of writing 


wouldn’t—physical description, a graphics 
field for a photo or concept sketch, the 
role(s) that the character plays in the 
drama, motivations, goals, family back- 
ground, education, habits and vices, 
and likes and dislikes. 


None of these tools run on Linux without a bottle 
full of Wine and a couple good shots of whiskey, 
and even then your mileage may vary. 


aids are available for adding to the 
pile and to make organization easier. 
For example, detailed forms for creat- 
ing character dossiers are included. 
The forms have fields for everything 
you'd expect, and a few things you 


Similar forms are available for build- 
ing detailed scene descriptions from 
one’s notes, listing out setting, duration, 
protagonist/antagonist relationships, 
and the description of the action 
and character development that must 


happen in the scene. Because CeltX is 
based on Mozilla, it includes things like 
a tabbed interface that lets users keep 
their relevant character dossiers, scene 
descriptions, text snippets and scripts 
open side by side, so that they can ref- 
erence notes and dossiers quickly while 
working on the script proper. Used to 
their full advantage, good writers can 
plan the entire film except for the 
spoken dialogue before they ever begin 
the actual script, and then easily refer 
to those notes during composition. 

When it comes to the work of actu- 
ally creating the script, CeltX does a 
marvelous job. Built-in templates for the 
four major types of scripts in common 
usage are included: Screenplays, Stage 
Plays, Radio Plays and A/V scripts (these 
are used for advertisements and other 
narrated visual media). Adding one of 
these (or a number of them) to any point 
in the project is a two-click enterprise 
and very straightforward. 

Once inside the script editing 
module proper, users have the option 
of typing into the template, which for- 
mats things properly on the fly, or using 
the index cards outlining feature— 
something veteran script writers will 
find very useful. 

In the old days when we had to 
work by hand or wrestle with word pro- 
cessor templates, a lot of screenwriters 
would begin by scribbling one- to two- 
sentence scene descriptions on index 
cards and sticking them to a corkboard. 
We'd then rearrange things until we got 
a dramatic structure that seemed to 
work, and then use the order we settled 
on as the rough outline for the script. 
CeltX made good use of this paper- 
world convention by including an Index 
Cards screen for laying out the scenes 
and shuffling them around into the 
correct order before diving in and 
writing the dialogue. The shuffling 
feature continues to work after the 
script has been written, making post 
hoc rearrangement of the script a 
breeze. Once the writing is done, the 
script can be exported to PDF or HTML, 
retaining its proper formatting, or to 
plain text (which, alas, loses much of 
the formatting). 

However, CeltX is not merely a 
tricked-out word processor. It aims to 
be a full-fledged preproduction suite, 
and it succeeds famously. It has forms 
for describing every prop, every set 
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What is the central event of this scene? 


Which characters are in this scene? 


The Wonderful Wizard of Oz 


How does this event affect the overall plot? 


What's the setting of this scene? 


Figure 4. The scene element, which actually continues on for quite a bit longer than can fit in a screenshot. All of CeltX's description elements are 


similarly thorough. 


design, every location, every piece of 
lighting and camera equipment, and 
every actor. Further forms are available 
for greenery, practical effects, explo- 
sives, digital effects, production vehicles, 
character vehicles, animals, craft ser- 
vices, and just about everything else a 


calender for production scheduling, as 
well as a couple other invaluable tools 
for pushing the production forward. 
Planning a project for production has a 
long and detailed set of challenges, not 
the least of which is the translation of 
the written word into visual images. To 


Far more sophisticated than a mere document 
template, CeltX has all the tools a writer needs 
to develop a script from a single line concept 
through to a salable final draft. 


body could ever need to produce a 
motion picture, stage play or other per- 
forming arts piece. Using these forms to 
annotate the script, it’s very simple to 
create a production breakdown—the 
first step toward budgeting and 
scheduling a project for shooting. 
Although CeltX does not contain 
a budgeting system, it does contain a 
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this end, filmmakers have traditionally 
employed storyboards. 

Storyboards are, for lack of a better 
description, a comic-book version of the 
screenplay drawn up from directions 
contained in the script. The camera 
angles, movement and editing are 
planned out in as detailed a manner as 
possible (usually with the input of the 


director and the director of photogra- 
phy), and these storyboards are then 
used in the budget breakdown—the 
planned camera angles and motion help 
the photography directors ascertain the 
equipment (lenses, dollies, steadicams, 
cranes and so forth) that they'll need 
to shoot the film successfully. The sto- 
ryboards also often are taken on set 
to guide the director of photography 
as the film is shot to make sure the 
production team covers all the proper 
camera angles and performances. 

CeltX contains a very usable story- 
boarding module. A storyboard can 
be constructed with imported images 
(scanned illustrations, photographs from 
rehearsals or what have you) on a per- 
sequence basis, and then played back in 
an included flipbook to give the approx- 
imation of an animatic, helping the 
director get a feel for the timing of a 
scene before it’s shot. 

Of course, CeltX is a commercial 
enterprise, and its business model 


7 Mo 


Project Library 


Storyboard 
1, EXT. FOREST. DAY 


- 2 + 


| Dali raat weber ey 


Scarecrow and Toto 
walk through a thick 


15 Toto starts to bark 
and growl st 8 tree in 


Figure 5. The Storyboard Window, with Flipbook Player Displayed 


revolves around a raft of Web services 
that it offers through CeltX Project 
Central. Although the CeltX folks intend 
to add premium features as the user 
base grows, the basic membership is 
free, and for that freedom, users get 
quite a powerful program. By signing 
up for the account, users have the 
option of creating a private or a public 
publishing account. A public account 
lets users show their script to the CeltX 
community to solicit comments and 
compare notes, while a private account 
shared among a small group allows for 
group collaboration on the script and 
production breakdown. 

If, for example, your storyboard 
artist, producer or client, and your direc- 
tor need to work together on a produc- 
tion breakdown, each can be given 
access to the project. The director can 
annotate the script and the storyboard 
cells that the storyboard artist draws, 
the producer can give notes for the 
screenplay content and budget, and 
they can collaborate on revisions and 
breakdown in real time (or in delayed 
time ad hoc, which is much more con- 
venient). This kind of collaboration 


reduces the number of necessary pro- 
duction meetings and greatly facilitates 
the collaborative process—and it, like 
the software, is free. 

| should emphasize, however, that 
one need not be a member at CeltX 
Project Central in order to use CeltX in- 
house, or to export its results to open 
formats. Membership at Project Central 
is both free and optional—it’s a value- 
added service for CeltX users, not a 
lock-in tactic, which makes it the best 
of all worlds. 

Now, the coup de grace. All of the 
additional elements, including story- 
boards and music, can be used to 
mark up the script. By referencing 
these elements in the script, every- 
thing is tied together for producing 
production breakdown reports on a 
scene-by-scene basis, giving the 
prospective producer and director 
everything they need to produce a 
film (other than the actual money, 
personnel and equipment). 

There are times when those of us 
determined to travel in the land of 
open source must settle for “good 
enough”. This is particularly the case in 


&) Delete 


1.3 They hear a deep 
growl from wild 
animals in the trees. 


1.6 We hear a loud roar . 
From behind a tree 
leaps a large lion, 


a A at 
f 
CL Tie] 


the realm of multimedia production. 
With CeltX, that’s not the case. By 
combining several industry-standard 
document template formats with a 
well thought-out preproduction system 
offering thorough production break- 
outs and top-rate reports, CeltX has 
leapt right to the head of the pack. My 
only regret is that there isn’t a basic 
book template included, as many of 
the included tools also are indispens- 
able to novelists, and |’d very much like 
to use it for my next book. However, 
its open nature means that the docu- 
ment templates are editable. Now, if | 
could just learn the XML API it uses, 
perhaps | could extend the capabilities 
of this system just a little bit further. 

Excuse me, | believe | have some 
software modification to do.™ 


Dan Sawyer is the founder of ArtisticWhispers Productions 
(www.artisticwhispers.com), a small audio/video studio in the 
San Francisco Bay Area. He has been an enthusiastic advocate 
for free and open-source software since the late 1990s, when 
he founded the Blenderwars filmmaking community 
(www.blenderwars.com). He currently is the host of “The 
Polyschizmatic Reprobates Hour”, a cultural commentary pod- 
cast, and “Sculpting God”, a science-fiction anthology podcast. 
Author contact information is available at www.jdsawyer.net. 
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Zimbra Desktop 


An alternative e-mail client. DANIEL BARTHOLOMEW 


Zimbra Desktop is an alternative e-mail client. | don’t 
mean that it is yet another choice in e-mail client-land. It 
is more than merely another choice. Zimbra Desktop is an 
attempt to blur the lines between a browser-based Web 
application and a traditional desktop application. In many 
ways, it is similar to applications like Evolution, Outlook or 
KMail—what Zimbra refers to as “fat” clients—but in 
other ways, it has more in common with browser-based e- 
mail platforms, such as Gmail, Hotmail and Yahoo mail. In 
a nutshell, Zimbra Desktop is the Web-based Zimbra Ajax 
Web client running inside a custom Prism install (for more 
about Prism, see the What Is Prism? sidebar). 

At first blush, | thought to myself, “Why would some- 
one want to do this? What's the point?” Well, the point, | 
came to discover, is that desktop e-mail suites have 
certain advantages over browser-based e-mail suites, and 
vice versa. 

The main advantage desktop e-mail clients have over 
their browser-based brethren, in my opinion, is the ability 
to read saved e-mail when you are not connected to the 
Internet. There is also, in corporate settings especially, the 
advantage of integration with LDAP directory servers and 
scheduling functions through shared calendars and the 
like. On the other hand, the main advantage that browser- 
based e-mail clients have over desktop e-mail clients is that 
they run exactly the same, or very nearly the same, on 
multiple browsers and operating systems. There also is no 
lengthy install process; you simply go to the site and there 
it is. The aim of Zimbra Desktop is to give you the best of 
both worlds. 


Installation and Configuration 

Unfortunately, because Zimbra Desktop acts like a tradi- 
tional application, there is an installer. The installer itself is 
an approximately 40MB shell script. Actually, it is a 
340-line shell script cat’ed to an approximately 40MB 
tar.gz file. The script extracts the tar.gz file from itself, 
One of my favorite features in 
Zimbra Desktop (which is also 
one of my favorite things about 
Gmail) is the extensive availability 


of keyboard shortcuts. 


gunzips and untars it, and then runs the Java-based installer 
that lives inside. This sort of installation bootstrapping, by 
extracting a file stored inside a shell script, is something 
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Instaiting e 
Please wait while Setup installs Zimbra Desktop on your Z 
computer. 


Extracting files... 
jetty /webapps/zimbra/help/ Delegated mailboxes/Sharing your ma. 
Peas A a ie 


installt) 


Figure 1. Zimbra Desktop Installer 


commercial Linux software seems to prefer doing, and | 
have to say, it does work. 

The GUI installer is nothing special. It uses install4j, and it 
gets the job done. 

At the end of the installation process, you'll have a zim- 
bra folder wherever you instructed the installer to put it. 
The home folder of the user that performed the install is 
the default location. Optionally, you also will have a desk- 
top icon, if you did not uncheck the Create Desktop 
Shortcut box. 

Double-click the desktop icon, and Zimbra Desktop 
launches and prompts you to enter in the settings for an e- 
mail account of your choosing. Zimbra Desktop supports 
Zimbra Collaboration Suite (ZCS), Gmail, Yahoo Mail Plus 
and standard POP and IMAP accounts. | tested with Gmail 
and ZCS, as those are what | have. 


E-mail on Zimbra Desktop 

The initial sync of my Gmail account took about an hour 
from start to finish. | just left it alone while it downloaded 
my mail. | didn’t have much mail in my ZCS account, so 
that sync was almost instantaneous. 

Using Zimbra Desktop reminds me a lot of using 
Evolution or Thunderbird. You can drag and drop e-mail 
messages from one folder to another, right-click on single 
messages or groups of messages and perform various 
actions (such as forward, filter, tag, mark as read or unread 
and so on), and you can do many of the other things that 
you would expect. It was easy to forget that the entire 
interface is built using HTML and JavaScript. 


The e-mail composer has all the features | expect from a modern client. You 
can compose in HTML or plain-text format, and in HTML mode, you have all of 
the usual control over fonts, lists, colors, text size and so on. 

The e-mail viewing interface has the familiar three-pane view that most clients 
default to, and the HTML e-mail messages | used for testing rendered the same as in 
other clients. 

On the whole, using Zimbra Desktop is quite plain. It feels like what I'm used 
to with standard “fat” desktop mail clients. The interface is easy to navigate 
around, and things are generally about where | expect them to be, and when | 
wanted more information, the integrated help system was very useful. 

One of the biggest differences between Zimbra Desktop and a standard client 
is that there aren't the normal File, Edit, View, Search (and so on) drop-down 
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Figure 3. Zimbra Desktop has no trouble rendering HTML e-mail messages. 


What Is Prism? 


Prism is a Mozilla Labs project. Its 
aim is to allow you to split Web 
applications out of your browser 
and run them directly on your 
desktop. In reality, it allows you 
to run your Web application 
inside a stripped-down Firefox 
window, with no buttons or bars 
to get in the way. 


The reason this is useful is because 
of one of Firefox's design deci- 
sions. In order to save on memory 
and processor usage, all of your 
browser windows run under a sin- 
gle Firefox process. This generally 
works well, except when Firefox 
crashes. Because of the design, a 
crash in one Firefox window 
affects all other Firefox windows. 
Prism lets you separate Web appli- 
cations into their own processes. 
In this way, they behave more like 
traditional desktop applications— 
for example, if my Prism Gmail 
application dies, it doesn’t affect 
the other Web applications | have 
running or close the Web sites | 
currently have open. 


Development is ongoing, and new 
features are coming out all the 
time. For example, a new plugin 
for Firefox 3 recently was released 
that allows you to convert a Web 
site into a desktop application 
simply by clicking Tools—Convert 
Website to Application. 


More information about Prism is 
available at labs.mozilla.com/ 
featured-projects/#prism. 
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Zimbra 


Welcome to the Zimbra'™ Web Client, 
"| Advanced Edition 
Zimbra Collaboration Suite 1s a full-featured messaging and collaboration 


tad Your account may not include aff the features mentioned Check 
with your system administrator to see which features are enabled 
for your account. 


Vou can access the following features trom the Limbra Web Client 
we) 


© Compose and send new mail messages 
@ Read and reply to mail messages 
© Track mail exchanges using the Conversation feature or 


= 


Figure 4. Help is just a click away. 


Figure 5. Zimbra Desktop has a lot of shortcuts. 


menus arranged into a nice menu bar. This is not a limita- 
tion as such, it’s just different. In normal, everyday use, | 
didn’t miss them. 

One of my favorite features in Zimbra Desktop (which is 
also one of my favorite things about Gmail) is the extensive 
availability of keyboard shortcuts. In fact, many of the key 
combinations are similar, if not the same, so | quickly felt at 
home. This is something fat clients could learn from their 
browser-based cousins—easy keyboard shortcuts, such as 
pressing J to move down in the list of messages and K to 
move up, are great time-savers. The complete list of short- 
cuts is available under Preferences—Shortcuts. 


Calendaring 
The calendaring component of Zimbra Desktop is very nice. 
It's much better, in my opinion, than Google Calendar, if 
not quite as good as some of the other desktop calendar 
apps | have used. 

You can create appointments by a click and drag on the cal- 
endar, and you can move appointments by selecting them with 
the mouse and moving them where you want. You can create 
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Figure 7. Zimlets are a nice way to extend your e-mail interface. 


new calendars simply by clicking the New Calendar button. 

The shared calendars and scheduling features work only 
with ZCS accounts, so keep that in mind if you are thinking of 
using Zimbra Desktop in a multi-user setting. If you are using 
Zimbra Desktop with an e-mail account other than ZCS, the 
calendar works like a standard desktop calendar. You also can 
subscribe to shared ical calendars. 


Address Book 

As far as the address book goes, it’s an address book. If 
you're using ZCS, you likely will have access to a shared 
address book. There's nothing special here. 


Zimlets 

One thing that Zimbra Desktop has that other clients don’t 
are Zimlets. Because the Zimbra Desktop’s entire interface is 
based on HTML and JavaScript, it makes sense to include 
other pieces of on-line content into the client, and Zimlets are 
what allow this. Included with Zimbra Desktop are Yahoo 
Maps and Yahoo Local Zimlets. More Zimlets are available at 
gallery.zimbra.com that can do things like track flights and 


add support for Flickr to the e-mail composing window, 
but installing them is nowhere near as easy as Say, 
installing a Firefox extension, and if anything, they should 
be easier to install. They're a neat idea though, and they enable 
functionality that you just can’t get in traditional e-mail clients. 


What | Don’t Like 

On the whole, | was impressed with Zimbra Desktop. But, there 
were some things | really didn’t like. As Zimbra Desktop is in 
beta, take these criticisms with a big grain of salt, because they 
might have disappeared by the time you read this. 

Setting Zimbra Desktop to connect to my Gmail account 
was an easy process, but using it was not so easy. When con- 
necting to Gmail via IMAP, your Gmail labels show up as fold- 
ers, and the first time you click on any folder other than the 
Inbox you get a “This folder is currently not syncing. Click here 
to sync this folder” message. This is silly, because if | did not 
want to view the messages in the folder, | would not have 
clicked on the folder. The very action of me clicking on the 
folder indicates that | want to sync the folder, so there is no 
need to ask me. In addition to this, after you click on the link, 
you are sent back to the Inbox for some reason. Clicking on 
the folder again finally gets you the folder you wanted. Three 
clicks just to view one folder seems excessive, and the effort 
involved in getting my entire Gmail tree syncing was unneces- 
sary. | will grant that | have a lot of labels, and thus, a lot of 
folders, but Zimbra Desktop could have been smarter with its 
default behavior. 

Another annoyance is that in the Zimbra Desktop interface 
you can view only one account at a time. Because of this, 
dragging e-mail from one account to another one is impossi- 
ble, as far as | can tell. 

Each account also has its own calendar and contact list. | 
have a work e-mail and a few personal e-mail accounts, and 
both work and home calendars. In Zimbra Desktop, there does 
not appear to be a way to view all contacts from all accounts 
at the same time. Ditto for calendars. 

Another minor quibble about the calendar is this: because 
I'm using Zimbra Desktop with my Gmail account, when | saw 
the calendar, | thought to myself, “hey, this probably will sync 
in both directions to my Google Calendar”. It doesn’t. Zimbra 
Desktop can read and show your Google Calendar by subscribing 
to the ical link you can get from Google Calendar, but it is 
read-only. The writeable calendar is only in Zimbra Desktop. 
| suppose | can’t complain too much, as Zimbra never said the 
calendar would sync with Google Calendar, but I’m still sad it 
doesn’t. Maybe in a future version? 

On the topic of missing functionality, | was not able to get 
the touted off-line capabilities working with either Gmail or 
the ZCS server | set up for testing. | tested the feature simply 
by unplugging my computer from the network and then 
launching Zimbra Desktop. Instead of showing my e-mail mes- 
sages, | received a message stating that the document could 
not be displayed in front of a blank window. This should 
improve with future releases and may well be fixed by the time 
this article is published. 

There also is a daamon that must be running for Zimbra 
Desktop to start. If it is not running, you'll get an error message. 
This daemon lives at zimbra/zdesktop/zdesktop and must 
be launched with a single start argument. The installer does 


A This document cannot be displayed while offime To go online, uncheck Work Ottine from the File 
meny. 


4 


Figure 8. This error message would be more useful if there were a File 
menu in Zimbra Desktop, but there isn’t. 


A The connection was refused when attempting to contact localhost: 7633. 


Figure 9. The zdesktop damon must be running for Zimbra Desktop 
to work. 
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Figure 10. A simple startup entry ensures that zdesktop starts whenever 
| log in. 


tell you about it, but it does not set it to start automatically, 
so in order to make sure it was always running when | was 
logged in, | created a Startup Program entry for it. This is a 
small annoyance, and one that hopefully will be automated in 
a future version of the installer. 

One final thing to be aware of when using Zimbra Desktop 
with Gmail that | found is annoying is that if an e-mail does 
not have a label assigned to it and it is not in the Inbox, you 
won't be able to see it. So if you plan on using this with 
Gmail, label everything. 


Conclusion 

Will | be ditching other e-mail clients and switching over to 
using Zimbra Desktop full-time? In a word, no. Zimbra 
Desktop is a very nice e-mail client. It has the features | expect 
a modern client to have, it can handle multiple accounts easily, 
and everything is rolled up into a nice easy-to-install package. 
But being “just as good” as other e-mail clients is not enough 
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Zimbra Collaboration Suite 


The documentation for Zimbra Desktop states that ClamAV + LDAP server installation. 

you have to have a Zimbra Collaboration Suite (ZCS) 

to connect to. This is not technically true, as you can ZCS comes in both a commercial Network edition and 

use Zimbra Desktop with Gmail, Yahoo mail or any an open-source Community edition. Both have excel- 

POP or IMAP server without a ZCS in sight. However, lent documentation, which is great help in getting it 

the integration with Zimbra server is, naturally, very up and running. 

strong, so if you run your own e-mail server, the ZCS 

+ Zimbra Desktop combination is very compelling. More information on the Network edition is avail- 
able at www.zimbra.com/products. And, more 

One of the main benefits of running ZCS as your information on the Community edition is available at 

e-mail server is that the installation is easy when you www.zimbra.com/community. 


compare it to setting up your typical SMTP + IMAP + 


to make me switch. Even the coolness of Zimlets is Zifitra Desktop Beta (build 1062) UMnStd 
not enough. 


: : ; . . Select Additional Tasks . 
The integration of Zimbra Desktop with the Zimbra Which additional tasks should be performed? Z 


Collaboration Suite is, naturally, very good, and if | were 
using ZCS as my primary mail server, the choice to use 
Zimbra Desktop would be obvious. | would. And, that 
is, | suppose, my final recommendation. If you are using 


Select the additional tasks you would like Setup to perform while 
installing Zimbra Desktop, then click Next. 


ZCS, Zimbra Desktop lets you access your messages, __ Delete ENTIRE local dataset 
contacts and calendars even when you're off-line (that’s NOTE Selec this aution OMLY @ you want te weemanently rermeve all 
the promise, anyway), and you can use it for all of your Gountaates dita hem local companent 


other e-mail accounts too. 

Even if you do not use ZCS, you still might want to 
give it a try. The download and install process is easy, 
and you'll be up and running quickly. | think you'll find, 
as | did, that alternatives, such as Evolution, Thunderbird 
or Gmail work equally as well, and that there is no com- 
pelling reason to move away from what you are already 
using—in which case, there is a nice uninstaller. 


But, then again, maybe you'll love it and never want Nerd > Cancel 
to use a traditional e-mail client again.m= ig : 
Figure 11. If Zimbra Desktop is not for you, there is a handy uninstaller located 
Daniel Bartholomew lives with his wife and children in North Carolina. in the zimbra folder. 


se), ii.3 Tagging Command History for Rapid Recall 


When you are hunting for a configuration problem with However, as you do other things, you sometimes lose 
services like Apache and MySQL, you may have to execute “quick” access to the command line in the shell history. 
a sequence of commands repeatedly, such as: To avoid this, “tag” the line with a comment that will 


make it easy to find: 
/etc/init.d/apache stop 
/etc/init.d/mysql stop /etc/init.d/apache stop; /etc/init.d/mysql stop; \ 
/etc/init.d/mysql start /etc/init.d/mysql start; /etc/init.d/apache start; #apmy 
/etc/init.d/apache start 
Now, to recall the command, simply do Ctrl-R + apmy, 

You can create a script to do this, or you can put all and you should have the command, as long as you've 

the commands on one line separated by semicolons: chosen your “tags” wisely. 
—CARLOS PANTELIDES 

/etc/init.d/apache stop; /etc/init.d/mysql stop; \ 

/etc/init.d/mysql start; /etc/init.d/apache start 
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Black Hat 


The war for your data rages on. 
Be certain your defenses are up to the job. 
Black Hat USA convenes the best infosec minds on the planet for six days of intense, hands-on security 
education and peer-to-peer networking. Our speakers and trainers are the world's leading voices from 


academia, research and the underground. ‘The breadth and depth of topics is unmatched. You will gain 
actionable knowledge, discover new tools, and learn expert techniques for digital self defense. 
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HARDWARE 


The COWON iAudio 7 


A Flash-drive, mini-portable media player that plays nice with Linux. PHILIP RAYMOND 


| was on the prowl for a new portable 
media player. | wasn’t happy with just a 
music player though. | wanted some- 
thing that would play videos, FM radio, 
show pictures, display text, record my 
voice, record old LPs via a line-in jack, 
record FM radio and play music—not 
just MP3s, but Ogg, FLAC and (yuck) 
my few WMAs. Finally, it would be 
great if it sounded better than, and had 
double the battery life per charge of, an 
iPod Nano. And, | found it, the COWON 
iAudio 7. This Swiss-Army knife of 
multimedia players comes in 4GB, 8GB 
and 16GB varieties of Flash drives 
that cost $150, $200 and $300 retail, 
respectively, but you easily can find one 
for less at most on-line retailers that sell 
this player. Best of all, this player is very 
Linux-friendly. 

Its default setting is for use as a 
UMS device out of the box. That means 
you can move your media in and out of 
this player easily by dragging and drop- 
ping to and (unlike many other players) 
from this device. You don’t need to 
install any software to do this, just turn 
it on, plug it in to any of your comput- 
er’s USB ports, and within seconds, it 
mounts as an external drive. You will 
see an icon pop up on your desktop 
when it mounts. Open it, and navigate 
to whatever folder you wish to move 


Figure 1. COWON iAudio 7 


iAudio 7. Smaller than a credit card, 
it’s about the same size as a large 
pack of gum. The screen measures 
1.3", 160 x 128 dot and is a 260,000 
color TFT LCD. Small as this screen is, it 
has good detail and color saturation. 
This makes it relatively enjoyable to view 
a TV show or even a movie. An hour of 


Its default setting is for use as a UMS device 
out of the box. This means you can move 
your media in and out of this player easily 
by dragging and dropping to and (unlike 
many other players) from this device. 


files to and from, and when you're 
done, simply right-click and unmount it. 
Videos do require re-encoding prior 
to loading them for playback on the 
iAudio 7, and there is an open-source 
Linux solution for this purpose. This is 
necessary, due to the small size of the 
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video after re-encoding is about 178MB, 
so it's possible to carry quite a few TV 
shows or movies in this player and still 
have room for your music library too. If 
you think you'll be carrying a lot of 
videos, you might want to opt for 

the 16GB version. Videos need to be 


encoded in xvid-.avi at 256—-384kbps, at 
no more than 15fps. | provide a step-by- 
step rundown on how to re-encode later 
in this article. 

The iAudio 7's best feature is its 
sound quality. It puts most other players 
to shame. The earbuds COWON packs 
with this player are of average quality. 
To really appreciate the sound quality 
this player puts out, you need to buy 
better earphones, like the Shure e2cs 
| own or any other $100+ brand of your 
choice. Another way to hear this player’s 
outstanding audio quality is to plug it in 
to your car's radio, if it's equipped with 
an MP3 player (line-in) jack, like many 
newer models now have. 

Its equalizer is called Jet Audio, 
which is a software branch of COWON. 
This little player has the most elaborate 
choices for equalization | ever have seen 
on any player. If you can’t find a setting 
you like listening to, you might want to 
consider buying a hearing aid instead— 
it’s that good. 

Controlling the iAudio 7 is done 


with a touch interface to the right of 
the screen. It’s called a swing-bar, and 
it's fairly easy to learn how to use, but it 
can be a bit difficult getting used to the 
touch sensitivity. You can make it better 
by going to SettingsGeneral and 
changing the touch sensitivity to low. 
Fortunately, it does have a lock switch, 
so when it’s locked, you can run it in 
your pocket without fearing it will 
switch to something you don’t want to 
hear. To use the swing-bar, simply stroke 
the bar up or down, or hold your finger 
down at one end or the other to scroll 
through the menu. Tapping either end 
of the bar tells it to skip to the next file. 
The play arrow opens any file or func- 
tion, whether it’s music, video, radio 
station and so on. You can shuttle 
forward or reverse with videos or 
music, using the swing bar. This is 
useful if you recorded a TV show off-air 
with commercials or if you just want 
to shuttle over a segment of video. If 
the shuttle speed is too slow for your 
liking, you can make it faster by going 
to Settings—~General and increasing 
the scan speed. 

There also are three control buttons 
on the top of the player. The left button 
is power on/off/hold. The center button 
is the master menu control, which 
switches between all folders and playlists. 
The right buttons are for volume up and 
down. On the left side are the earphone 
and line-in jacks, and on the right side 
is the USB port, with a sturdy rubber 
flap covering it. 

Speaking of playlists, you may be 
thinking that because you would be using 
it in UMS mode, you wouldn't be able 
to save custom mixes of your favorite 
songs. You would be wrong. The iAudio 
7 has a feature called DPL, for Dynamic 
Playlist. To use this feature, simply hold 
the play button while playing a song 
until you see a small box that has a 
choice of DPL, Bookmark or Lyrics. 
Choose DPL, and it saves that song to 
the DPL folder. You can arrange the 
songs in that folder in any order you 
like, up to 200 songs. Just remember, 
the last song added always ends up at 
the bottom of the list. 

You also can create subfolders on 
your computer for DPL, if you want to 
have special mixes of songs. Simply load 
the mix folder to the Music folder on 
the player. Then, on the player’s main 
menu, click on Music, navigate to that 


folder, hold down the play button, and 
choose DPL on the drop-down menu. 
To get to the DPL folder, simply navigate 
to the Music folder on the main menu 
(using the top-center button), scroll 
down and click on Dynamic Playlist. 

I'm sure you're curious about those 
other choices that appear in the menu 
box. Bookmark simply bookmarks your 
song or video where you paused it, if 
you want to navigate away to another 
song or folder. Lyrics displays the lyrics 
to the song you are playing. (This works 
only for songs that have this feature.) 

The line-in, voice and FM record- 
ing features also are a nice touch, 
and they do make quality recordings. 
| did find it odd that with the support 
for Ogg, FLAC and Xvid open-source 
files for playback on this player, it 
records only line-in, voice and FM 
radio in unprotected WMA with a 
limit of 128kbps. In spite of this, the 
recordings sound surprisingly good, 
thanks to the Jet Audio equalizer. 
Voice recordings are done through 
a built-in mic, which sounds fine on 
the higher bit-rate settings. Line-in 
recording is one of those functions 
| feel all media players should offer. 
Maybe it’s because it appeals to those 
like myself, who are old enough to 
have a large collection of music on 
vinyl LPs. In any case, you can digitize 
all your old vinyl records by recording 
directly into the iAudio 7 from your 
analog stereo amp. Simply connect 
your amp using standard RCA A/V 


Sivrkem Meee tem @ @ 


s Avtchommnss 2 1010 6 0 Saremy Slevered reymey 


ee ee oe | 
ew - ee 2) Bowe BY 


eter 
tae 


ose 
e9atrernmraezeun wh Hw 
preme 1tHR0O Teme: 00:00:00 006 


eS Rede 2 10 08 20 ry, 


920647 22) Pare 08) 


Figure 2. Setting the Bit Rate 


plugs connected to an RCA-to-mini- 
plug conversion jack, and connect the 
mini-plug end to the line-in jack on 
the iAudio 7. If you want to burn a 
CD of the music you digitized, simply 
drag the songs out of the player and 
on to your computer for burning. 

The FM radio has good signal pick- 
up and can be used in several ways. 
You can scan for stations manually if 
you want, but it’s easier to auto-scan all 
the stations it can pick up in your area 
and then assign presets for the stations 
you like. As for recording FM radio, you 
can do it on the fly, or you can use the 
timer settings in the Settings menu and 
preset a time to record a station—like a 
TiVo for radio. This same timer also can 
be used to lull you to sleep with your 
stored music or to wake you up with 
the FM radio—like a clock radio. 

The picture and text display functions 
are pretty straightforward. Both can be 
displayed separately as your music plays. 
To load text or pictures, simply drag and 
drop into the appropriate folder, just like 
all other content stored on the player. 
Pictures are resized automatically as 
they load. They also can be used as 
wallpaper for your screen, or you can 
hold down the play button while the 
picture is displayed to add it to a 
slideshow of your own creation. 


Video Encoding Tutorial 

| know video encoding is a bit of a 
pain for some of you, but the pay-off 
is in the quality of the video on a 
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Games om oe a a very well for what we’re doing here 
fi BH oem Wales ute Dosh ate Ge Canton tie too. The second step involves taking 
SS the finished video conversion to Xvid 

AVI using Avidemux and reprocessing 
it, using a tool called i7remux 0.1. 
This is necessary, because the iAudio 
7 will play only videos made with | 
frames; b frames are removed by 
Avidemux. i7remux is a free, open- 
source converter made just for the 
iAudio 7 (see Resources for the 
download link). 

Compiling and installation after 
extracting from a zip file are easy. 
Simply open a terminal, and type 
./configure, make, then sudo make 
install. i7remux rearranges the 
internal structure of a given AVI 
file and rebuilds the indices. Once 
i7remux does this, and it does it 
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Figure 3. Motion & Misc Settings much faster than the first encoding 
using Avidemux, the video is ready 

Qeecnten ma teem BO Gemton m easel . to be loaded into the player. It 

é Avtchemmnie 2 10:10 60 OS Sevmmy S hevermes mpeg ir 


doesn't take as much time as it may 
seem, a one-hour show takes about 
30 minutes to encode using these 
two processes. 

First, in Avidemux, open the video 
file you want to encode. If it’s a TV 
show recorded with a capture card, it 
will be an MPEG-2 file. Avidemux runs 
an indexing for the video before it's 
loaded for the next step. Many video 
podcasts, however, are m4v files and 
h264 codec. Avidemux will pop up a 
dialog box that says it has detected 
h264 and will use another mode to 
bypass B frame referencing. You don't 
need to use this alternate mode that 
loses frame accuracy, because you will 
be getting rid of the B frames later 
anyway, so choose Cancel to keep the 
Figure 4. Quantization Settings frame accuracy. 

Next, choose Xvid4 for conversion, 
select the Configure box, and on the 
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player this small and portable. You or by downloading a video podcast Main tab, choose single pass bit rate, 
may want to watch video on a player using Rhythmbox (yes, Rhythmbox and change the default bit rate to 384 
this small on a camping trip or com- can catch video podcasts, it just can’t (Figure 2). 

muting on a crowded train or plane. play them). Next, choose the Motion & Misc tab, 


and uncheck all the boxes. Change the 


In any case, you can digitize all your old vinyl —_! frame interval to min 2, max 66 (the 


maximum interleaving time), and reduce 


records by recording directly into the iAudio 7 the default amount of B frames to 0 
from your analog stereo amp. (Figure 3). 


Then, under the Quantization tab, 
reduce the B frame quantizer to 1 for 


For me, it beats lugging around a Encoding is a two-step process both min and max (the lowest setting). 
laptop just to watch a video. | get that begins by using Avidemux. Then, click OK, and go to the Filters 
most of my videos by recording off Avidemux is great for converting box (Figure 4). 

a cable box at home using Freevo most videos codecs, and it works Choose MPlayer Resize, and pro- 
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Figure 5. MPlayer Resize 
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Figure 6. Resample FPS 


gram 4:3 for source and destination, 
and program width 160, height 120, 
and click OK. Do not click Apply. For 
some reason, Apply doesn't seem to 
function; | think it’s a bug in Avidemux. 
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(Figure 5). 

Next, choose Resample FPS, enter 
15.000000, and choose no linear 
blend (Figure 6). 

For audio, choose Lame for MP3 


i7remux rearranges the internal structure of a 
given AVI file and rebuilds the indices. 


Also, if you have a video recorded in 
16:9 ratio, simply change the source 
setting to 16:9, and program a width 
of 160 and a height of 90. That 

way, the images will not be distorted 


encoding, and click Configure. The 
default settings should be 128kbps 
CBR 2 channel stereo, and if they are, 
don't change them. Then, under 
Filters, choose Resample, and set it to 


44100#z. Finally, save your project to 
whatever folder you want, and be 
sure to give it a name ending with 
cavi. Click OK, and Avidemux now will 
convert your video to xvid4. When it’s 
done, close Avidemux, and move on 
to the next step. 

Now, you're ready to use i7remux 
to finish encoding your video. This is 
a command-line program, so open a 
terminal and simply type i7remux (no 
need for sudo), then copy and paste 
the name of your video from the 
video created by Avidemux. Next, 
copy and paste again, only this time 
change the filename of the video by 
adding a random letter or number to 
it, then press Enter. If you don't add a 
letter or number, it won't let you 
encode. i7remux then creates the 
video you will load to the player 
when it's done; this should take 
about 10-20 seconds. i7remux sends 
it to the same folder to which 
Avidemux sent your video. 

Next, plug in the player to any 
USB port, and click and drag the 
video you created with i7remux to 
the Movie folder in the player. When 
you navigate to Videos in the player's 
main menu, you should see your 
video. Simply highlight it, and touch 
the play button. You might hear only 
audio for a few seconds before the 
video shows up in the screen. If this 
bothers you, pause the video and 
start it again. 


Firmware Updates 

Firmware updates for the iAudio7 are 
available from the support link at 
cowonamerica.com. To install one, 
download it to your desktop and extract 
it. Plug in the player to a USB port, and 
drag the firmware to the Root folder of 
the player. Then, unmount the player, 
and it will power off. Turn it back on, 
and it begins to install the firmware 
update. When it's done, after about 20 
seconds, it turns itself off. When you 
power it back up, you should see the 
new firmware installed, indicated by the 
new version number on the boot splash. 
Firmware updates are a good idea, as 
the player always is being tweaked by 
COWON with improvements. However, 
a firmware update deletes all content 
on the player prior to the update. So, 
be sure to have a backup of your con- 
tent on your computer or an external 
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Figure 7. Avidemux Encoding 
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Figure 8. File Copying 


is that it had the most bang for the 
buck, and it slips into my pocket very 
easily. | have the 8GB version, but the 
4GB and 16GB versions give everyone 
a wide range of choice for personal 
storage needs, and they're all priced 


drive before updating. If you don’t think 
the update is worth the hassle, just 
don’t do it, the player still will run fine. 


Conclusion 

This, obviously, isn’t the only multimedia 
player that functions with Linux. In fact, 
COWON's D2 player is a good choice if 
you want a larger 2.5" screen, but it’s 
also a larger player, so there’s a size 
trade-off. Another player worth consid- 
ering is the iriver clix, which now can be 
used as a UMS device, unlike last year’s 
model, so it too can function on Linux. 
The reason | chose to buy the iAudio 7 


COWON America: cowonamerica.com 


i7remux-0.1.zip 
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competitively. Not to mention, a 16GB 
Flash drive player of any sort is rare, 
though more are coming in the near 
future. It also gives me some peace of 
mind, using a player that supports open- 
source codecs. The best part is not having 
any DRM restrictions on how | can use 
the player for my own personal use. 

| mentioned my desire to have 
longer battery life at the start of this 
article. COWON claims its internal lithi- 
um-ion battery will last up to 60 hours 
on one charge. This claim is based on 
using it almost exclusively for music 
playback. Video playback will knock this 
claim down to about 40 hours per 
charge. Regardless of how you use it, 
it's a superior amount of battery power 
when compared to the competition. It 
also accounts for why the iAudio 7 is 
about three times thicker than an iPod 
Nano, but that's a trade-off | don’t mind 
making. It’s still relatively thin, as | mea- 
sured it to be only .75" thick. The 
COWON iAudio 7 is a mini-marvel of a 
media player that also lets you cast your 
vote in supporting products that func- 
tion in an open-source environment, 
and that environment just got more 
inviting with this player.m 


Philip Raymond has been using several Linux distros during 
the last four years. He has worked professionally as a 
Broadcast Technician for 34 years, the last 23 at WFLD-Fox 
Television in Chicago. He also is the Webmaster and 
co-creator of thepulsechicago.homestead.com, a Web site 
focused on the Chicago music scene, past and present. 

He can be contacted at tvphil@yahoo.com. 


LJ pays $100 for tech tips 
we publish. Send your tip 


and contact information to 
techtips@linuxjournal.com. 


Did you know Linux Journal maintains a 
mailing list where list members discuss 
all things Linux? Join LJ's linux-list today: 
http://lists2.linuxjournal.com/mailman/ 
listinfo/linux-list. 


Resources 


i7remux-0.1 Download: www.powerwebvideo.homestead.com/files/ 
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THE READERS’ CHOICE AWARDS TAKE THE CURRENT PULSE OF THE LINUX 
COMMUNITY. HERE ARE THE TOOLS YOU USE EVERY DAY IN YOUR WORK AND PLAY. 


ack in January and February, we surveyed you, 

our readers, to find out what Linux-based prod- 

ucts, tools and services you prefer these days. 

More than 5,900 of you completed the survey, and 

your favorites are the worthy recipients of the 2008 
Readers’ Choice Awards. Although some results are predictable, 
many are certain to both interest and surprise you. 

In this year’s competition, we designated only one winner per 
category, with strong contenders receiving honorable mention 
awards. For instance, in the categories where a cluster of 
formidable contenders followed the outright winner, we desig- 
nated up to three honorable mentions. However, if one product 


clearly dominated a category (for example, OpenOffice.org with 
85% in Favorite Office Program or Apache with 92% in Favorite 
Web Server), and the contenders were barely on the radar, there 
were no honorable mentions. 

The developers among you will want us to weigh in on 
how we dealt with languages. We created two categories: 
Favorite Programming Language and Favorite Scripting 
Language. See Technical Editor Michael Baxter’s reasoning 
in the sidebar, as well as the category contents and winners. 
Please let us know what you think of our approach. 

And now, without further ado, we present the 2008 
Linux Journal Readers’ Choice Awards. 


James Gray 
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FEATURE Readers’ Choice Awards 2008 


FAVORITE PRIMARY 
LINUX DISTRIBUTION 
OF CHOICE 


(37.4%) 
Honorable Mentions 
Mandriva (13.9%) 
Fedora (11.1%) 


In the last LJ Readers’ Choice 
awards, many readers were 
“shocked” and “flabbergasted” 
that the upstart Ubuntu handily 
took the crown for favorite 
distribution. This year, however, 
there is little surprise that 
Ubuntu has won again, garner- 
ing nearly triple the votes of its 
most able challenger, Mandriva— 
supposedly the forgotten distro? 
Clearly Ubuntu has morphed 
from the “little distro that could” 
to the “big distro that did”. How 
would the results differ if we 
asked for your favorite distribution 
for servers? 


ee ee 
¢ 


ubuntu 


FAVORITE DESKTOP 
ENVIRONMENT 


(45.7%) 
Honorable Mention 
KDE (42.5%) 


9 


Clearly independent decision making 
is in ample supply in our community, 
because (despite Nick Petreley’s anti- 
GNOME rants over the years) GNOME 
is your Favorite Desktop Environment. 
GNOME barely edged out its also-popular 
desktop rival, KDE. The result makes 
sense given that the GNOME-defaulting T™ 
Ubuntu trounces all other distributions. G N OM FE 
However, the fact that GNOME won by 
just a few percentage points perhaps means that many of you use Ubuntu’s 
sister distribution, the KDE-based Kubuntu? 


FAVORITE WEB BROWSER 
(86%) 


Given our readers’ extreme pen- 
chant for tinkering, it’s no surprise 
that we love Firefox and its ever- 
growing treasure trove of extensions 
[see “Must-Have Firefox Extensions”, 
page 80]. Firefox wins Favorite Web 
Browser with 86% of your votes. 
But where, oh where, have the very 
capable Opera and Konqueror gone? 
Fewer than 5% of you named them 
your favorite browser. Honorable 
mention for most creative response 
in this category goes to “All | know is that IE7 is worse than dreadful.” 


FAVORITE E-MAIL CLIENT 


(44.9%) 
Honorable Mentions 
Gmail Web Client (19.7%) 
Evolution (13.4%) 
KMail (10.1%) 


Although Mozilla Thunderbird did not vanquish its opponents as decidedly 
as its sibling Firefox did in the browser category, it had more than twice the 
support of its nearest rival, the Gmail Web Client, to win Favorite E-Mail Client. 
We were a bit surprised to see that only about 7% of you are still using text- 
based e-mail clients, such as Alpine (formerly Pine) and Mutt. 


70 | june 2008 www.linuxjournal.com 


FAVORITE OFFICE 
PROGRAM 


Ble Edt \oew insert Format Toots Mody Window Help 
iP Ae Clim 4 OH) 4 
re Lo 


OpenOffice.org 
(85.1%) 


OpenOffice.org 
garnered a whopping 
85% of the votes to 
win Favorite Office 
Program, while com- 
petitors AbiWord and 
KOffice squeaked in a 
barely perceptible 3% 
each. Nor did ElOffice, 
a program that has 
received much praise 
in our pages in the past, register more than a few votes. OpenOffice.org 
has become the de facto default office suite for Linux. 


FAVORITE AUDIO 
TOOL 


Amarok (40.5%) 
Honorable Mentions 
(18.1%) 
(12.3%) 
(11.9%) 


Perhaps the most 
feature-rich audio player 
on any platform, 
Amarok has won most 
of your hearts and minds for Favorite Audio Tool. Meanwhile, the applications 
XMMS, Audacity and Rhythmbox each have their loyal constituencies of a bit 
lesser but similar size, making each worthy of an honorable mention. 


FAVORITE MEDIA PLAYER 


MPlayer - Video 


>>? 


MPlayer 


MPlayer (34.6%) 
Honorable Mention 
(27.4%) 


This close race in the Favorite 
Media Player category may be as 
much a testament to MPlayer’s 
legacy to thankful Linux users 
everywhere as a vote for excel- 
lence. When playing nonfree 
media content was still a problem 
for Linux users, MPlayer was there, 
leveling the field and Making SUre | so media opened 
we could play anything our Time 
Windows-using friends were play- Mim!) plo pp mA! 
ing and then some. VLC, a close 
second, is growing in popularity coment Re 
for its friendly interface and equally 
adroit ability to play pretty much any format you can throw at it. 


FAVORITE 
COMMUNICATIONS TOOL 


Pidgin (42%) 
Honorable Mentions 
(17.8%) 
» (12.8%) 


Pidgin, the messaging tool 
formerly known as Gaim, readily 
handled all of its competitors, 
garnering 42% of your votes. 
Pidgin users appreciate the 
ability to monitor all of their 
messaging accounts using one 
tool. Currently 15 protocols 
are available, including AIM, 
Google Talk, Novell GroupWise, 
ICQ, MySpacelM, Yahoo and 
others. Despite Skype's popular- 
ity, it remains in Pigin's long 
shadow—maybe because its 
closed-source credentials tug 
at our consciences? 
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FEATURE Readers’ Choice Awards 2008 


FAVORITE FAVORITE DIGITAL PHOTO MANAGEMENT TOOL 
GRAPHICS/DESIGN TOOL 
digiKam (24.9%) 
The GIMP (76.4%) Honorable Mention 
(24.5%) 

If anything qualifies as a 
legendary piece of Linux soft- digikam, at 24.9%, edged 
ware, then The GIMP certainly out its image-organizer rival 
has earned that mantle. Picasa from Google by a mere 
Winning 76.4% of the votes, 13 votes. Picasa’s excellent func- 
The GIMP wins for Favorite tionality is powerful enough to 
Graphics/Design Tool. As for make up for its deficits—its non-FOSS status and Wine-based emulation. Like 
the others? “Ouch!” is the its e-mail cousin Gmail, Picasa is an interesting choice given that it is not a 
collective cry from the other Linux application, per se. Gmail exists only in Google's cloud, and Picasa is— 
graphics applications, such as gasp!—a Windows application. 
Inkscape, Scribus and Blender, 
each of which reached per- 
centages only in the single 
digits. Notable for its absence FAVORITE TEXT EDITOR 
is the increasingly impressive 
KDE graphics tool, Krita. vi (35.3%) 


Honorable Mention 


“J (15%) 


File Xtns Help 


Who would have thought 
that after all these years, the vi 
editor would rule the roost? It 
beat out every other editor, 
including Emacs and vim. Three 
years ago, it didn’t even make the top three! Go figure. It is interesting to 
note that Emacs, KWrite and Kate all scored about evenly, clustering around 
the 10% mark. 


FAVORITE LINUX GAME 
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perch as Favorite Linux 
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FAVORITE VIRTUALIZATION SOLUTION 


(38.7%) 
Honorable Mention 
VirtualBox (20.4%) 


Given VMware's meteoric rise 
during the past few years, it’s no 
surprise to see it win the gold for 
Favorite Virtualization Solution. More 
surprising is VirtualBox’s showing, the 
application that a fellow publication 
called “The best virtualization program you've never heard of" in late 2007. 
VirtualBox’s patron, innotek of Germany, was acquired by Sun Microsystems 
earlier this year, giving VirtualBox the marketing injection it needed to match 
its technical prowess. Wine and Xen fared decently in this category too. 


FAVORITE BACKUP SYSTEM 


(25.5%) 
Honorable Mentions 
Amanda (16.1%) 
Bacula (16.1%) 


In this year’s competition, we differentiated between comprehensive appli- 
cations, or systems, and specific utilities. Regarding the Favorite Backup System 
category, most of you prefer the no-frills, low-budget approach over corporate 
solutions—that is, the application Simple Linux Backup. The open-source 
applications—Amanda, with the Zmanda interface for server backup, and 
Bacula, for network-based backup—also got many of your votes. Backup also 
is the category in which the most readers roll their own script-based solutions. 


FAVORITE BACKUP UTILITY 


(35.4%) 
Honorable Mentions 
rsync (22.4%) 
k3b (15.1%) 


For Favorite Backup Utility, the perpetual winner is the workhorse tar, tally- 


ing 35.4% of the vote. Enough of you love rsync and the CD/DVD-authoring 
application k3b to warrant honorable mentions. 


FAVORITE DATABASE Mi 
(62.7%) 
MySQL is not only the world’s 
most popular open-source 
database, it's your favorite as 
well. Although PostreSGL, SQLite, 


Firebird and others registered votes, the competition was not fierce. It doesn’t 
hurt that MySQL runs on more than 20 different platforms. 
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FEATURE Readers’ Choice 


FAVORITE 
PROGRAMMING 
LANGUAGE 


(26%) 
Honorable Mentions 
C++ (25.7%) 
Java (22.9%) 


‘Twas the battle of the Cs 
in the Favorite Programming 
Language category, with C 
taking first prize, C++ landing 
in second and Java in the third 
spot. Don’t see your own wildly 
favorite language here? You 
wouldn't believe the number of 
“WTFs" we got when readers 
didn’t find Python, Ruby or other 
languages here but rather in the 
scripting language category. 
Check out that category’s results, 
as well as Michael Baxter's expla- 
nation in the sidebar for how we 
differentiated between program- 
ming and scripting languages. 
(No doubt we'll see you in the 
on-line comments section too!) 
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We received a lot of feedback about 
our on-line survey of favorite lan- 
guages. A particular point from 
this feedback has been why some 
languages were called scripting 
languages, and others not. A criterion 
was used to decide this, as will be 
explained. A plethora of issues was 
raised in the responses we received, 
so highlighting some of the issues 
will contextualize how the criteria 
emerged for this survey. 


One simple way of distinguishing 
computer programming languages is 
whether they are compiled or inter- 
preted, which several Linux Journal 
readers pointed out. However, even 
that is an issue. Java is considered 

as a general-purpose programming 
language, but nominally the runtime 
environment is a Java Virtual Machine. 
This is very similar to a variety of 
scripting languages actually, including 
Emacs Lisp. However, Java also can 
be compiled to native machine code. 
So, for the interpreted versus compiled 
issue, one might ask, “What kind 

of compiled?” 


A scripting language could generally 
be a language that is hosted by 
another environment. In other words, 
it's “running on top of something”, 
whether that be a byte-code inter- 
preter or, in the case of embedded 
application use, as an adjunct to 
another software application. One 
also might ask whether the breadth 
and representative power are obtained 
by libraries, or because of built-ins 

to the language? 


Scripting languages also can have 
object features and work at a higher 
level, or work more like a dynamic 
language, such as Lisp, which does 
manifest typing. AWK and Python or 
Perl are arguably scripting languages, 
but they are quite different in their 
utility. One might think of AWK as 
slightly easier to use than bash, with 
the particularly nice facet of associative 


arrays. But, Python or Perl (via strong 
libraries) are much more powerful, and 
they are glued to numerous layers in 
the complete FLOSS stack. So, the 
“grain size” of a scripting language 
tends to matter as to its utility. 


One of the scripting languages that 
was omitted in the original survey was 
Tcl, and this was a mistake. Tcl is very 
popular, especially in certain applica- 
tion domains, such as CAD tools, where 
it is a de facto scripting language. 
Similarly, upon further reflection, it 
might be argued that the general- 
purpose programming language 
BASIC that is most in use today is not 
really a later variant of Kemeney and 
Kurtz’ 1964 original, but rather Visual 
BASIC, arguably a scripting language. 
However, that language generally does 
not run well on Linux, and efforts to 
bring this particular language to Linux 
have provoked some controversy. 


Based on comparative technical 
criteria, one could make the case 
that Java is a scripting language. Its 
runtime implementation is strikingly 
similar to Python, though there are 
clearly very divergent language syn- 
tax and semantics in both: Python is 
much less strongly typed. The prob- 
lem is that Java users really don’t 
use it as a scripting language, and 
its promoters don't promote it that 
way either. It's much more ubiquitous 
in any of its roles, such as middle- 
ware, for complete applications, or 
as a standalone embedded platform. 
So, a leading clue is that what 
defines a “scripting language” 

is not necessarily decided along 
strictly technical lines. 


Perhaps the motivating factor behind 
what determines whether a language 
is a Scripting language or program- 
ming language is ultimately how a 
critical mass of users tend to use it. 
Other factors include how it’s promot- 
ed, whether it's standardized, how the 
user community is responded to with 


emergent problems or technical issues, 
and how the primary maintainers allow 
the language to “evolve” where neces- 
sary. A really good way to see this is 
to compare the number of technical 
book titles on computer languages 
and associated libraries or environ- 
ments in a modest bookstore. 


Finally, it was this “tendency of use” 
that was the primary litmus test to 
assert which language was selected as 
a programming language versus as a 
scripting language. Some respondents 
have rightly pointed out that this was 
relatively “arbitrary”, and that there 
were numerous dissonances along the 
axis of “compiled” versus “interpret- 
ed”. They are right. This arbitrariness 
is borne out, in fact, by the usage 
patterns seen; the mass of users 
themselves really have decided the 
use models. Practical and reasonable 


»» Weigh in on the debate in our on-line forum: www.linuxjournal.com/forums/hot-topics/programming-languages-vs-scripting-languages. 


programmers, in fact, do disagree 
on such distinctions. 


Such divides cut across much more 
than compiled or not. A larger divide 
would appear to be strongly typed 
versus dynamic languages. Another 
would be functional versus imperative. 
One divide that seems to be waning 
is whether object-oriented is good; 
we generally seem to believe that it 
is. Despite this general consensus, C 
is not going away any time soon. C is 
viewed as the most portable high-level 
“assembly language” there is. 


| think a conundrum about languages 
is benign, and actually good news, 
because it reflects the diversity of choice 
and utility. If the absolute ultimate 
runtime performance is not relevant to a 
programming problem, modern scripting 
languages are a strong play. One can get 


more done with fewer lines of code, if 
compared with starting a program in the 
C language. Most are easier to learn and 
use than, say, C++. This may well be a 
legacy of highly evolved computer tech- 
nology. If you believe that “premature 
optimization is the root of all evil”, per- 
haps using a “standard” programming 
language is one kind of premature opti- 
mization. A lot of careful thinking has 
gone into certain scripting languages, 
and very strong compilation software is 
available to host these languages. But, 
these advances in computer science also 
derive benefit from late-modern hard- 
ware technology. Machines today are so 
fast that it really is possible to use script- 
ing languages as general-purpose pro- 
gramming languages for nearly any pur- 
pose on a wide variety of applications. 


—Michael Baxter, Technical Editor, 
Linux Journal 
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FEATURE Readers’ Choice Awards 2008 


FAVORITE SCRIPTING LANGUAGE 


Python (28.9%) 
Honorable Mentions 


aa ™) python 


(17%) 


It's no surprise that Python grabbed top honors in the Favorite Scripting 
Language category, and that PHP, bash and Perl all deserve honorable 
mention for their strong showings. 


FAVORITE SECURITY TOOL 


SSH (29.5%) 
Honorable Mention 
(19.4%) 


Just as it did in the last edition of this competition, the hyperversatile and 
hyperfavorite SSH wins this year in the Favorite Security Tool category with 29.5% 
of the votes. You also showed your love for the iptables tool for your packet-filter- 
ing tasks, which deserves an honorable mention for garnering 19.4% of the tally. 


FAVORITE LANGUAGE 
CONSTRUCTION TOOL 


Flex (18.1%) 
Honorable Mentions 
(14.7%) 

(12.8%) 


You know you're reading the 
right publication when a collec- 
tive cheer rises up to celebrate 
the scanner-generator Flex win- 
ning a prize. Although Flex took 
top honors for Favorite Language 
Construction Tool with 18.1% of 
the votes, its yacc-compatible 
parser generator, Bison, tallied 
enough votes for an honorable 
mention (14.7%), as did the 
compiler-compiler for Java, javacc 
(12.8%). Although this category 
registered fewer votes than other 
categories, nearly 2,000 of you 
weighed in with your opinions. 


FAVORITE LINUX SOFTWARE 
DEVELOPMENT TOOL 


Eclipse (29%) 


This year, Eclipse easily eclipsed all of its competi- 
tors to win Favorite Linux Software Development 
Tool. Although the rest of the votes were widely 
dispersed among many different tools—KDevelop, 
Emacs, GNU autoconf and NetBeans all registered 
significant vote counts. 
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FAVORITE PACKAGE MANAGEMENT 
APPLICATION 


Apt (35.3%) 
Honorable Mentions 
(16.5%) 
(14.9%) 

ic (11.6%) 


One of the main reasons so many of you love 
(K)Ubuntu so much is its sweet package management 
via Apt, this year's victor in the Favorite Package 
Management Application category. Apt won 35.3% of 
your votes. Many of you also cast your votes for the 
classic RPM (16.5%) and its useful friend Yum 
(14.9%). Meanwhile, a respectable number of you 
(11.6%) 
prefer the 
Synaptic 
front end 
on top of 
Apt to per- 
form your 
package 
manage- 
ment tasks. 


FAVORITE SYSTEM ADMINISTRATION TOOL 


OpenSSH (52.7%) 


The depth of your love for OpenSSH is clear. Not only did you choose it for 
Favorite Security Tool (above), but you chose it as Favorite System Administration 
Tool as well. With 52.7% of your votes, it stands head and shoulders above its 


nearest competitors. 


FAVORITE CONTENT 
MANAGEMENT SYSTEM 


WordPress (23.8%) 

Honorable Mentions 
al (21.4%) 
ila! (18.9%) 


Competition was tough for 
Favorite Content Management 
System, for you love your myriad 
options. Nevertheless, your favorite 
application in this category was the 
blog publisher WordPress (23.8%), 
which edged out the able Drupal 
(21.4%) and Joomla! (18.9%) to take 
the prize. It appears that the vast 
majority of you bloggers are gravitat- 
ing toward WordPress, while the 
Webmasters are splitting into Drupal 
and Joomla! camps. 
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FAVORITE WEB SERVER 
Apache (90.9%) 


Rather than offer a Favorite Web Server 
category, we should just ask “Do you 
use the Apache Web server, yes 
or no?” and leave it at 
that. Apache wins 
with 90.9% of 
your votes. 


FAVORITE LINUX-FRIENDLY WEB HOSTING COMPANY 


GoDaddy.com (14.7%) 
Honorable Mentions 
(9.8%) 
(9.4%) 
e (7.5%) 


Given the variety of hosting companies available today, it’s no sur- 
prise that none of them dominated the voting for Favorite Linux-Friendly 
Web Hosting Company. Although the winner, GoDaddy.com, garnered 
a respectable 14.7%, the real winner was “Other” with a whopping 
42.4%. Nevertheless, hats off to GoDaddy.com for its rapid rise in 
popularity—it was absent from our last awards. 


FAVORITE NETWORK OR SERVER APPLIANCE 


Avocent Cyclades ACS Console Server (15.7%) 
Honorable Mention 


(12.7%) 


As with hosting, the voting for Favorite Network or Server Appliance 
category was diffuse due to the rabbit-like proliferation of useful products in the marketplace. The top vote-getter at 
15.7% was the Avocent Cyclades ACS Console Server, and following up with honorable mention (at 12.7%) was the 
Guardian Digital Linux Lockbox. 
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FEATURE Readers’ Choice Awards 2008 


| Hi Sunt Nice to see you on-line 
aunt 


FAVORITE LINUX 


HANDHELD DEVICE =” 


Nokia N800 (43.9%) 
Honorable Mention 
(23.7%) 


In case you hadn't noticed, many of 
us Linux Journal editors adore the Nokia 
N800. The N800 won the 2007 awards for Ultimate Linux Handheld, and its 
predecessor, the N770, would have won the 2006 Editors’ Choice Award for 
Best Mobile Device, only we were afraid we never talked about anything else. 
Well, clearly our readers dig it too, because 43.9% of you chose it as your 
favorite handheld. Keep your eye on the newer OpenMoko Neo 1973, which 
burst on the scene and grabbed 23.7% of the vote. 


FAVORITE LINUX LAPTOP 


ASUS Eee PC (34.7%) 
Honorable Mention 
p (20%) 


Is there any surprise that the ASUS 
Eee PC got 34.7% of the vote to win 
the Favorite Linux Laptop category hand- 
ily? Finally, a company created a laptop 
with Linux in mind and didn’t consider Linux 
as a second-rate afterthought. It also is nice to see 
that our readers appreciate Lenovo's better-late-than- 
never but admirable effort to pre-install its T61p with SLED. This helped the 
device win honorable mention. Hopefully, awards like this will encourage 
Lenovo and others to pre-install all of their laptops with Linux from the start. 
If you accumulate the various models from our Linux-specialist friends like 
LinuxCertified, EmperorLinux and R Cubed, they fared well as a group too. 


WHO MAKES YOUR 
FAVORITE LINUX 
DESKTOP WORKSTATION? 


Dell (30%) 
Honorable Mention 
(12%) 


It wasn’t surprising to see PC 
giant Dell win top choice in this 
category with 30% of the vote 
tally. Dell's product line has 
become more Linux-friendly 
over the years, which shows up 
clearly in your preferences. HP 
gets an Honorable Mention for 
its Linux offerings. There were 
lots of write-ins for various 
vendors in this category, but 
they were too diverse to merit 
a third place award. And, of 
course, many of you chose a 
home-brew solution as well. 
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WHO MAKES 
YOUR FAVORITE 
LINUX SERVER? 


Dell (21%) 

Honorable Mentions 
(14%) 
(12%) 


The majority of voters in this 
category give their server busi- 
ness to the big vendors, such as 
Dell (winner of both the Favorite 
Desktop Workstation and 
Server categories), IBM, HP and 
Sun. Many readers also like 
to purchase from the smaller 
mom-and-pop shops—with 
too many write-ins to list here. 
And, as with the Favorite 
Desktop Workstation category, 
many readers prefer to build 
their own servers. 


FAVORITE GREEN LINUX 
PRODUCT OR SOLUTION 


VMware (42.6%) 
Honorable Mention 
(16.3%) 


Because virtualization is such 
a fabulous and popular way to 
improve the efficiency of your 
servers, VMware landed the top 
spot in the Favorite Green Linux 
Product or Solution category. The 
PowerTOP tool for finding energy 
wasters on your systems also is 
popular and won an honorable 
mention at 16.3%. Although many 
readers earnestly consider energy 
consumption and environmental 
impacts in their data-center strategy, 
we were surprised to see the high 
number of responses like “Hummer” 
and “|! promote global warming”. 
We wonder with concern, “How 
much good science is necessary to 
convince us of the seriousness of 
our environmental challenges?” 


FAVORITE LINUX BOOK 
(REVISED OR RELEASED IN 
OR AFTER JANUARY 2007) 


Linux System Administration 

by Tom Adelstein and Bill Lubanovic 
(O'Reilly) (16%) 

Honorable Mentions 


by Robert Love (O'Reilly) (7.2%) 


by Benjamin Hill (Prentice Hall) (7%) 


by Mark G. Sobell (Prentice Hall) 
(6.6%) 


There are so 
many great Linux 
books, how can one 
choose a favorite! 
Despite the amazing 
diversity, your clear 
winner for Favorite 
Linux Book is 
O'Reilly's Linux 
System Administration 
by Bill Lubanovic 
and LJ regular Tom Adelstein. 
Three other books clustered 
around the 6-7% mark, one from 
O'Reilly and two from Prentice 
Hall. Interestingly, several of you 
mentioned that you don’t read 
“analog” printed books anymore, 
only digital materials. 


FAVORITE LINUX JOURNAL 


COLUMN 

(26.9%) (37.3%) 

Honorable Mention Honorable Mention 

Work the Shell by Dave Taylor (15%) One Laptop Per Child (17.9%) 

Hack and / by Kyle Rankin (14.1%) ; 

We are pleased to present you with 

Looks like Marcel Gagné your very own Linux Journal Readers’ 

is going to have to be Choice Product of the Year...drumroll 


please...the ASUS Eee PC! Once again, 
we congratulate ASUS for making a great 
Linux product from the ground up and 
not as an afterthought. The win is well 
deserved due to the pure excitement it 
has created in our community. And, it's 


knocked off before anyone 
knocks him off the award 
stand for Favorite Linux 
Journal Column. Marcel’s 
Cooking With Linux column, 
where Linux must be fun 


and one hand must remain free to fill the created excitement here at LJ as well— 
wineglass, has tickled and informed Linux see Jes Hall's review of the ASUS Eee PC =— 
Journal readers since its inception more at www. linuxjournal.com/article/9947, ; 

than 100 issues ago. The ever-popular her “Hacking the Eee PC at www.linuxjournal.com/article/10003 and 
Dave Taylor also fared well (15%) for his Shawn Powers’ video review at www.linuxjournal.com/node/1005898. 
Work the Shell column, and the upstart See also “Eee PC Gets an Upgrade” on page 13 of this issue. We're 
Hack and / from Kyle Rankin has become also pleased to announce that the OLPC wins the Honorable Mention 
quite popular (14.1%) in its short life. in this category; see Dave Phillips’ “Sounding Out with the OLPC XO” 


on page 46 of this issue. 


TAKE THE NEXT STEP IN PHP 


June 2-4, 2008 * Washington, DC 


- 4 Keynotes 

- 2 Tracks of Breakout Sessions 

- 4 Tutorials 

- Exhibit Hall 

- Endless Networking Opportunities 


www.dcphpconference.com 


REGISTER TODAY!! 


Whether you are a developer, manager, recruiter 
non-profit organization, or a company that uses PHP in 
its daily operations, the DC PHP Conference is for you 


a 


Join PHP experts and community members at the third annual 
DC PHP Conference & Expo. Share with your peers the experiences, 
expertise and best practices in a wide variety of sessions. 


Attendees will also have the opportunity to partake in tutorials, 


case studies, round tables, and to view an exhibit hall featuring leading 


companies demonstrating their cutting-edge solutions. Ch at a 
SSE 
www.dcphpconference.com June 2-4, 2008 - Washington, DC 


INDEPTH 


Must-Have Firefox 


Extensions 


A whirlwind tour through the powerful and diverse world of Firefox extensions. 


DAN SAWYER 


Plugins and extensions—they're what made Photoshop 
such a bonanza from the late 1980s onward, and they gave it 
the market push to triumph over competitors who preferred to 
keep their tools and development completely in-house. It was 
a great idea—make your own product more valuable by letting 
other people enhance it for their own benefit—and it worked 
famously. In the graphics world, everyone's got ‘em now. But, 
in the browsing world...well, it takes an open-source project to 
apply that kind of functionality across categories. 

Firefox did it, and it’s one of the innovations that has 
helped Mozilla claw its way up from the bottom of the stack 
in the browser wars. Even though Internet Explorer still 
comes bundled with Windows, and Safari with Mac OS, and 
Konqueror with KDE, users across platforms opt for Firefox 
with greater and greater frequency. It’s not just the tabbed 
browsing, or the built-in pop-up blockers, or the standards- 
compliance or the built-in search box—it’s also the add-ons. 

The Mozilla Project's plugin-based architecture turns a solid 
application into a customizer’s paradise. The projects available 
on the Mozilla Add-ons site now stretch into the thousands, 
which gives the end user the opposite problem of the 
no-choice straitjacket of certain other browsers. The embar- 
rassment of riches means too much choice, and figuring out 
how to narrow it down is no mean task. 

The extensions come in a variety of flavors—from add-on 
applications to interface tweaks to toolbars. Here are a few 
that most users will find very handy. They extend functionality, 
enhance privacy and give users a leg up on taking their favorite 
content with them wherever they wish to go. 


Irritation Reduction and Butt-Covering 
Web pages are great things. The democratization of media 
that the Internet brings us means that everyone has a Web 
site, and it’s a great thing. There’s only one problem with 
everyone having a Web site: everyone has a Web site—even 
people who think it’s cute to have their own personal radio 
station running any time you log on to one of their pages. 

| may be a curmudgeon, but as much as | care about the 
teeming masses of humanity on-line, that affection does not 
extend to being willing to tolerate someone else’s attempt to 
soundtrack my corner of the universe. It's been the case for 
several years now that if you wanted to surf around on 
MySpace or thumb through your Aunt Estelle’s family photo 
albums on her personal site, you had two choices: endure the 
autoplay music, or turn your speakers off. 
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Not anymore—not if you surf with Firefox. Sun Chun-Yen’s 
Stop Autoplay extension automagically toggles off al! auto- 
playing media, and it allows you to blacklist Flash media 
providers if they get on your nerves. With Stop Autoplay 
installed, instead of embedded media assaulting you before 
the page finishes rendering, you are presented with a little red 
box with a Play button inside it. If you are inclined to listen to 
the embedded media, you have the option at your fingertips. 
If you're not, it won't bother you. It’s a beautiful little plugin. 
It’s simple, elegant and “just works”. It also can help save 
you from vicious attacks by coworkers who don't like the 
autoplayed music either. 

Protecting you from your boss (who actually expects you 
to be working when you're on the clock) is the noble quest 
undertaken by another add-on, Panic. Panic sets up a hotkey 
that, when pressed, will close all open tabs and open a tab 
containing the URL of a page you're actually supposed to be 
looking at. Note that it closes the tabs, it doesn’t hide them. 
Once you press your user-definable hotkey, they're gone. 
Sure, trudging through the browser history to re-find that 
amazing article on “Linux Home Automation: the Ultimate 
Internet-Controlled Gun Cabinet” can be a drag, but when 
it saves you an unpleasant conversation with your boss, it’s 
worth the price. 

On a related note, there is an extension that protects you 
from inconvenient questions from young children, nosy room- 
mates and casual snoopers at neighborhood coffee shops. 

If you've ever heard the words “Mommy, what does ‘stud’ 
mean?” or “Daddy, what's burka porn?” from a five-year-old 
who has apparently appeared at your elbow from a neighbor- 
ing dimension, you know what | mean. The Net sucks you in, 
and sometimes someone walks up behind you and starts read- 
ing over your shoulder—or worse, reading the names of the 
other tabs you're saving for later—and you don’t notice them 
for a few hours...um, minutes. 

Enter TabRenamizer, an extension that lets you protect 
your privacy by renaming the tabs in your open browser 
windows. It integrates seamlessly with Firefox, sitting as 
a menu option in the Tools window that lets you set it 
either to rename all future tabs or to rename all open tabs 
randomly. You also can rename an individual tab selectively 
by right-clicking on the tab title and selecting the now- 
present rename this tab option from the context menu. 
This gives you a renaming dialog so that you can give the 
tab any name you want. 


Aclvertiser Index 


For advertising information, please contact our sales 


Taking My Media Everywhere department at 1-713-344-1956 ext. 2 or ads@linuxjournal.com. 


If there’s anything out there that could push me to buy a 
video-capable portable media player, it’s the Authors@Google 
series on YouTube (and similar lecture series available on 
Google Video from various think tanks and science confer- 
ences). Science, public policy, arts discussion—the Net has 
everything a growing brain needs. Unfortunately, a lot of it 
isn't in easily downloadable podcast form, but it’s sequestered 
in various video formats behind the YouTube Flash curtain or 
hiding in other embedded players. Bringing it down to the 
hard drive, even just in audio form, used to be a pain and a 
half, often requiring some fancy stream ripping involving 
speaker wires and mencoder scripts. Not any longer. Now, 
there are a bunch of extensions and Greasemonkey scripts 
for Firefox that let you rip your beloved content from the 
cold, uncaring fingers of the Internet and then load it on 
your portable media player to take with you to family reunions. 
Two of them are worth special note. 

The first is Fast Video Download, which, as its name 
suggests, will let you download pretty much any embedded 
video with the click of a mouse. When you call up a video on 
YouTube or Google Video or just about anywhere else, and it’s 
one you want to take with you for viewing on the commuter 
train or for listening to at the gym, simply click on the handy- 
dandy video downloader icon that appears at the bottom 
right-hand corner of the Firefox screen, and away you go. It 
pulls the video from the Web server, in whatever format it's 
natively stored, and drops it on your hard drive, from where 
you can load it onto your portable media player at your 
leisure. Fast Video Download’s philosophy is no-nonsense and 
unobtrusive, and it either works on a given site or it doesn’t— 
your mileage may vary. 

The second is an extension called Download Helper, and it 
has a different approach. It maintains a compatibility list and 
a directory of video sites from which it can download and 
file types it keeps an eye out for. Accessing its submenu 
through the Tools menu on Firefox allows you to customize it, 
to allow or block adult and/or pornographic content, and it 
also has special entries to help you find instructional and 
tutorial videos. It’s a more comprehensive tool than Fast Video 
Download, but it’s also less elegantly integrated into Firefox. 
Although Fast Video Download is the tool you want on 
hand when you stumble across something you're going to 
want to listen to again later, Download Helper is a tool better 
suited for dedicated video hunts (say, if you're doing research 
or you're going to be on a long plane ride and want your 
portable media player loaded up with things you haven't 
seen before). 


Full-on MozApps 

Not all Firefox extensions are little plugins or interface tweaks. 
Some of them are full-on, serious applications that just happen 
to run in a Firefox tab. There are quite a few of these, includ- 
ing a number of very good security auditing tools. However, 
today I’m focusing on must-haves for everyday users, so in this 
section, we're going to look at three tools that make the life 
of a normal Web 2.0 Netizen less hassle-prone. 
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If you're hip deep in new media, you've probably got a 
blog. And a Flickr account. And a YouTube channel. And a 
Box.net file repository. And a Facebook account. And 
a...well, you get the idea. There are a lot of passwords to 
remember, and a lot of files to upload, and a lot of really 
crappy, limiting interfaces through which you have to do 
that uploading. 

File Uploader changes all that. It's essentially a specialized 
FTP client that’s compatible with a number of on-line file ser- 
vices and social-networking sites. After installing the extension 
and restarting Firefox, you are presented on the Tools menu 
with a File Uploader entry. Click on it, and a new tab loads 
with the application. Using the accounts management and 
services menus, you can sign up for new accounts with any 
of the supported services (including, but not limited to, the 
aforementioned YouTube, Box.net, Flickr and Facebook), or 
use accounts you already have and manage your files and 
photo albums remotely. Reordering, batch uploading, deleting 
and renaming are all supported, and, unlike the HTML 
interfaces offered by the services, you are not subject to 
the files-per-upload limits that the Web interfaces impose. 
If you are, like me, a working photographer (or merely an 


Linux News and Headlines 


Linux Journal topical RSS feeds NOW AVAILABLE 


http://www. linuxjournal.com/rss feeds 
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avid hobbiest), and you're dependent on Flickr to showcase 
your work, this tool will save you a lot of time. If, on the other 
hand, you're a social-networking junkie, File Uploader will let 
you share more/better/faster with more people. 

Although File Uploader is patterned after a classic dual- 
paned FTP client, it is not actually an FTP client. Instead, 
it emulates an FTP client over HTTP for particular services. 
For a true-blue FTP client that runs in a Firefox tab, you'll 
need FireFTP. 

FireFTP is one of the oldest and most mature Firefox 
extensions around. It supports all the essential features you 
need in an FTP client—proxy support, multiple account sup- 
port, integrity checks, encryption, hash and time synchroniza- 
tion. It operates on a classic three-pane view: local filesystem 
on the left, remote filesystem on the right and console data 
scrolling in a wide pane across the bottom. It also will keep 
local and remote directories synchronized, and it can do 
deep-tree comparison, so you can see what might be present 
on one filesystem that's absent from another. It’s fast, it’s 
light, and it works very, very well. Some standalone clients, 
like GFTP, have a few more bells and whistles, but they're 
the kind of features you use so rarely that you'll seldom 
need to call it up if you've got FireFTP handy. FireFTP is also 
cross-platform, unlike some of the other best open-source 
FTP clients, which are Linux or *nix only. 

The other entry in the oldie-but-goodie pile is ChatZilla, 


Resources 


Stop Autoplay: https://addons.mozilla.org/en-US/ 
firefox/addon/1765 


Panic: https://addons.mozilla.org/en-US/firefox/ 
addon/6367 


TabRenamizer: https://addons.mozilla.org/en-US/ 
firefox/addon/2987 


Fast Video Download: https://addons.mozilla.org/en-US/ 
firefox/addon/3590 


Download Helper: https://addons.mozilla.org/en-US/ 
firefox/addon/3006 


File Uploader www.fireuploader.com 


FireFTP: https://addons.mozilla.org/en-US/firefox/ 
addon/684 


ChatZilla: chatzilla.hacksrus.com 


NewsFox: https://addons.mozilla.org/en-US/firefox/ 
addon/629 


Free Access Plus: https://addons.mozilla.org/en-US/ 
firefox/addon/6139 


a venerable in-tab IRC client with all the trimmings. 
Although it doesn’t have the $@%!ing provocative veneer 
that bitchX does, it handsomely organizes chat channels, 
logs, has an extensive built-in list of available channels, 
supports DCC chats and file transfers, and has its own 
plugin and theming architecture. After install, just like 
FireFTP and File Uploader, you'll find it easily launched 
with a click from the Tools menu. In a sense, it’s nothing 
really new—IRC is old tech—but it does implement all 
the standards very well, and for those who prefer to keep 
desktop clutter to a minimum but still enjoy fighting with 
random strangers on IRC, ChatZilla is a must-have. 

The last of our full-on apps that just happen to run in a 
tab is NewsFox, an RSS newsreader for Firefox. It’s a three- 
pane Atom/RSS feed reader laid out very similarly to an e-mail 
reader: feeds on the left, news items on the top right and 
story content on the bottom right. It handily auto-imports 
any Live Bookmarks you've got set up as soon as you launch 
it, so you don’t have to worry about re-adding feeds to which 
you've already subscribed. Again, like FireFTP and ChatzZilla, 
it's a solid, no-frills app that “just works” and does what it's 
supposed to do. And, also like ChatZilla and FireFTP, it doesn’t 
cause a performance drag, which is a welcome change from 
the bad-old days when Firefox was new and full of memory 
leaks all the time. 


Freedom and Anonymity 

As you can see from the above, Firefox extensions give people a 
lot of power over their browsing experience—indeed, a lot more 
than most anyone is used to having. But aside from the obvious 
minor advantages of time saved, extra utility and fun, it also can 
be a major force for good in the world. This is certainly the case 
with Free Access Plus, a filter-ouster put out by an innovative 
developer going by the name of Mohammed. It's a notion that 
| can only hope someone in Hong Kong picks up on. Imagine 
Radio Free Europe in your browser and you get the idea. Free 
Access Plus circumvents state censorship of the Internet—partic- 
ularly, it circumvents the Iranian government's content filters 
that block YouTube, del.icio.us, Flickr, Technocrati, FriendSter, 
LiveJournal, MySpace and a number of others. It also purports 
to circumvent similar filters imposed by other governments. It’s 
not a perfect solution, and it doesn’t work all the time, but it is 
successful some of the time, and it’s exactly the kind of thing 
open source is best at—opening the world to all people, even 
when their governments think they know better.= 


Dan Sawyer is the founder of ArtisticWhispers Productions (www.artisticwhispers.com), a small 
audio/video studio in the San Francisco Bay Area. He has been an enthusiastic advocate for free 
and open-source software since the late 1990s, when he founded the Blenderwars filmmaking 
community (www.blenderwars.com). He currently is the host of “The Polyschizmatic Reprobates 
Hour”, a cultural commentary podcast, and “Sculpting God”, a science-fiction anthology podcast. 
Author contact information is available at www.jdsawyer.net. 


si3¢),ii.4 Using a Garmin GPS and MapSource with Linux 


Garmin is a popular brand of GPS devices. Unfortunately, 
Garmin makes its MapSource application only for Windows, 
not Linux. However, Wine runs MapSource, at least for 
Garmin GPS units that communicate via USB. 

The following procedure is based on: 


m Fedora 8 

@ The current Wine package (wine-0.9.56-1.fc8) 

A Garmin Vista CX, with the standard USB cable 
Install Wine (as root): 

# yum install wine 


Make sure that you can access the GPS device. For my 
installation, the device is /dev/ttyUSBO. | found this by 
examining /var/log/messages when attaching the device. 
Check the permissions of the device file, and make sure 
you have access to it, possibly by adding yourself to the 
group that owns the device. In my case, | had to add 
myself to the group uucp. Remember to log out and log 
back in if you add yourself to a new group. 

Now, define the device in Wine. This is done as follows 


(do this using your normal login, not as root): 
$ In -s /dev/ttyUSBO ~/.wine/dosdevices/com2 


This will define the /dev/ttyUSBO device as COM2 
under Wine. 

After that, you simply install the software on the Garmin 
CD. For example, for City Navigator NT (Europe), using your 
normal login, do the following: 


$ cd /media/CNEURNTV9 
$ wine ./Setup.exe 


At the end, don’t opt to start the program directly. Start it 
afterward via the command line: 


$ wine ~/.wine/drive_c/Garmin/MapSource.exe 


Using this procedure, | am able to unlock maps, make 
routes, upload and download from the GPS unit (via USB) and 
do software updates. 

For more information, see my Web page: 
www.peterverthez.net/gps/garmin-linux.html. 

—PETER VERTHEZ 
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Remaster Knoppix without 


Remastering 


Why go through complicated steps to remaster Knoppix, when there are a number 
of methods to get the most of the functionality without the fuss? KYLE RANKIN 


If you have used Knoppix for any extended period of 
time, chances are you eventually thought about customiz- 
ing it. You might have simply wanted to make cosmetic 
changes with a new background and a different theme, or 
you might have wanted to add programs, change what 
happens at startup, or make any number of more-intensive 
changes. Well, you aren't alone. There are more than a 
hundred different Knoppix-based live CDs in existence. 
Some have changed only a few tools, and others have 
performed a complete overhaul of the programs, the 
themes and even the file structure. 


Traditional Remastering 

If you had decided to change Knoppix, you quickly would 
become acquainted with some of the guides both on-line 
and in print about Knoppix remastering. At that point, some 
of you would have read the complicated set of steps and 
decided it just wasn’t worth it. Knoppix fits all of its software 
within a compressed loopback filesystem on the disc. To 
remaster Knoppix, you must make a copy of the uncom- 
pressed contents of that filesystem, use chroot to access the 
copy as though it were the root filesystem, make any changes 
you want to make, and then re-create the new cloop 
filesystem and ISO image with a few gigantic commands on 
the command line. 


Not only is the process much 
quicker and less complex, it’s 
also simpler to migrate your 
changes once the next version 
of Knoppix is released. 


Of course, | oversimplified and excluded a few steps there. 
Besides some of the more technical steps, | also left out that 
minor bug you undoubtedly introduced but didn’t notice until 
you booted. That means you get to go through the remaster- 
ing process (especially the time-consuming steps of creating a 
new cloop filesystem) all over again. | also left out the step 
where you notice that even though you made minor changes, 
your ISO inexplicably is much larger than it was before and 
won't fit on a CD, so back to the remastering process you go 
to free up more space. 
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The fact is, traditional Knoppix remastering is a time- 
consuming, error-prone, complex process full of trial and 
error, but there is a better way. There are a few different 
methods you can use to tweak the default Knoppix disc 
without using the remastering process. | like to refer to 
these methods as “remastering Knoppix without remastering”, 
because the default Knoppix cloop filesystem stays the 
same throughout the entire process. 

| first became interested in low-impact Knoppix tweaks 
when | had to create a custom CD to include with my book, 
Knoppix Hacks. | didn’t want to do much—just change the 
default background and add a few links to the desktop. 
Although | could have remastered the CD, | was concerned 
about introducing bugs, even with minor changes. Imagine if 
| had discovered a bug after the CD was printed and shipped 
around the country with the book! | figured if | could tweak 
Knoppix but leave the compressed image alone, | would 
reduce the risk considerably. 

Ever since my first attempt to remaster Knoppix without 
remastering, I’ve used these methods so much that | actually 
prefer them and find them superior to remastering for most 
people's needs. Not only is the process much quicker and less 
complex, it's also simpler to migrate your changes once the 
next version of Knoppix is released. 


Save Configuration 

The first method you can use to change Knoppix involves a 
classic Knoppix tool called saveconfig. This tool creates and 
lets you choose a number of different files and settings from 
your user's configuration files, all of the files on the desktop, 
and network, graphics and other settings. saveconfig then 
creates a tarball called configs.toz out of the files and stores 
it on a USB key, hard drive or other writeable media of your 
choice along with a custom knoppix.sh script. 

To run saveconfig, click K->Knoppix—>Configure—Save 
Knoppix Configuration or type saveconfig in a terminal. Then, 
you can choose which settings to save and to which hard drive 
to save them. The next time you boot your computer, type 
myconfig=/dev/sdal/ to point Knoppix to a particular saved 
config, or type myconfig=scan, and Knoppix will scan all avail- 
able drives for you. At the end of the boot process, Knoppix 
will run the knoppix.sh script on the drive, which will extract 
the tarball and restore your settings. 

For minor, mostly cosmetic changes, the standard 
saveconfig script might serve all your needs. Simply make your 
changes, and then tell saveconfig to back up your personal 
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configuration. This is useful, but you might want to back up 
only a few files, or you might want to add files that saveconfig 
doesn’t save by default. To do that, you can tweak either 
the configs.tbz or knoppix.sh file. First, run saveconfig to 
create a configs.tbz and knoppix.sh file. Then, uncompress 
the configs.tbz file: 


$ bunzip2 configs.tbz 

Now, use tar to add new files to the tarball: 
$ tar -rpPf configs.tar /path/to/file 

You also can use tar to delete files: 
tar --delete -pPf configs.tar /path/to/file 


Once you are finished with your changes, you can recom- 
press the tarball: 


$ BZIP2=-9 bzip2 configs.tar 
$ mv configs.tar.bz2 configs.tbz 


Another way to tweak saveconfig (or even bypass it 
altogether) is to realize that when you tell Knoppix to use a 
particular saved configuration, all it really does is execute the 


In addition to the saveconfig 
script, Knoppix provides an 
even more advanced script 
that creates a persistent disk. 


knoppix.sh file, which is a standard shell script. That shell 
script contains the tar commands to extract the file. This 
means anything you put in the knoppix.sh file will be executed 
at the end of the boot process. What's more, if you create a 
new Knoppix disc and place the knoppix.sh in the KNOPPIX/ 
directory on the disc, it will be executed automatically every 
time Knoppix boots. So, if there’s an extra program you'd like 
Knoppix to have, just track down the .deb file for it and any 
of its dependencies, and add them to the disc. Then, in the 
knoppix.sh script you can put: 


dpkg -i /cdrom/*.deb 


Knoppix will install all of those programs at the end of the 
boot process. If you want to run any other commands or start 
any services, you also could put them in this script. 


Example: Webcam 

Here's an example of a tweaked knoppix.sh file that | made to 
turn Knoppix into an instant Webcam server. | first created a 
webcam directory on the CD-ROM and put a basic HTML file 
there that pointed to an image at /varAwww/webcam.jpg. 
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Then, | created a knoppix.sh script and put it in the KNOPPIX/ 
directory on the CD. Here is the script: 


#!/bin/sh 


echo Configuring Apache 

cp /cdrom/webcam/index.html /var/www/index.html 

/etc/init.d/apache start 

echo Configuring Cron 

echo '* * * * * root gqcam -d /var/www/webcam.jpg > /dev/null' >> 
/etc/crontab 

/etc/init.d/cron start 


As you can see, there isn’t much to this script. | copy the 
HTML file to the default Apache document root, start Apache, 
and then add a job to the global crontab and start cron. The 
cron command will run gqcam every minute, which will 
capture an image and store it in /var/www/webcam.jpg. 
Now, | can just burn the CD and boot it on any machine 
with a Webcam and Knoppix will take care of the rest. 


Persistent Disk Image 

In addition to the saveconfig script, Knoppix provides an 
even more advanced script that creates a persistent disk. 
The main problem with a live CD is that all of your 
changes are erased whenever you reboot. Traditionally, the 
persistence script created a loopback filesystem on a USB 
key or hard drive of a specified size and then copied your 
entire home directory to it. On the next boot, if you selected 
it with a cheat code, Knoppix would then mount the 
filesystem and point your entire home directory to it. That 
meant any changes you made to your home directory were 
kept through all of your reboots. 

The main limitation to that script (as with legacy 
Knoppix discs) was that you could write only to certain 
directories. Beginning with Knoppix 3.8, Knoppix added 
UnionFS (now replaced with AuFS). This tool essentially 
allows you to merge filesystems on top of each other, 
even if one is read-only and the other is read-write. If you 
wrote to the filesystem, UnionFS/AUFS transparently took 
care of putting the writes on the correct filesystem. With 
Knoppix, this now meant the ramdisk that was traditionally 
used for /home and /etc could now be merged on top of 
the entire filesystem. You now could essentially write 
anywhere you wanted, install programs using the standard 
Debian package management, and basically treat the 
system like any other installed Linux distribution, limited 
only by your ramdisk size. 

With the addition of AuFS, Knoppix changed its persistence 
script. Now when you click K->Knoppix—Configuration—Create 
a persistent Knoppix disk image, Knoppix creates a complete 
copy of the entire ramdisk. This is a copy of all of the changes 
you have made to the system since you have booted. Within 
the script, you can choose the maximum size of the filesystem, 
where to store the image, and even whether to use encryption. 
The next time you boot, if the USB or local hard drive is 
present, Knoppix automatically detects it and prompts you 
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with a few options: 
m Home: use only your persistent home directory. 


m System: replace the entire /ramdisk mountpoint with the 
persistent disk image. 


@ Overwrite: off by default, but it will replace the /etc directory 
on your persistent image if you also enable the System 
option. You might want to do this if your system-wide 
graphics or network settings from a previous machine 
interfere with your current one. 


@ Init: start any persistent init scripts. 


If you don’t select any of these options, Knoppix will boot 
normally. It’s also possible that you might have multiple 
knoppix.img files on different drives (or multiple files on the 
same drive in different directories). This actually is a good way 
to create custom Knoppix settings that are stored in different 
directories on a USB key. Say | have a security-focused persis- 
tent image in the security directory on my USB key (which 
Knoppix detects as /dev/sda1), | could then boot Knoppix with 
the home=/dev/sda1/security/knoppix.img cheat code. 


Tweak Boot Settings 

The saveconfig and knoppix.sh tweaks provide a lot of 
functionality, but their main downside is that they execute 
at the end of the boot process. Sometimes you want to 
change Knoppix settings sooner than that—whether it’s the 
default screen you see at boot time or Knoppix’s default 
cheat codes. These options and more are stored in the 
boot/isolinux/ directory on the disc and can be changed 
without much effort. Below | cover some of the more 
important files and what you can change with them. 

Boot messages: the boot.msg, f2 and f3 files are text files 
that define what shows up at the boot prompt, when you 
press F2 and F3, respectively. If you want to add special help or 
even change the text completely, you can do so in these files. 

isolinux.cfg: this is one of the most useful files in this 
directory, as it defines all the different kernels that can be 
loaded, along with their default boot options. For instance, 
here is the section of the file that defines the default Knoppix 
settings and cheat codes if you let the boot prompt time out 
or just press Enter: 


LABEL knoppix 

KERNEL linux 

APPEND ramdisk_size=100000 init=/etc/init lang=us apm=power-off vga=791 
initrd=m 

inirt.gz nomce loglevel=0 quiet BOOT_IMAGE=knoppix 


For instance, you can see here that the default language 
is English, but if you wanted to change it to Spanish, you 
would change lang=us to lang=es. If you scroll down 
farther in the file, you can not only see other Knoppix 
types you can boot, but also listings for memtest and dos. 
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Tweak initrd 

Along with the other boot files, under boot/isolinux/ is the 
default Knoppix initrd file called minirt.gz. This file is the initial 
root image that Knoppix mounts. Within the image are essential 
files for the boot process, including the init executable, but the 
file of most interest to Knoppix hackers is the linuxrc file, which 
acts as Knoppix’s general startup script. First, make a copy of the 
minirt.gz file (in my example, | assume it was mounted under 
/cdrom), uncompress it and then mount the filesystem: 


cp /cdrom/boot/isolinux/minirt.gz . 
gunzip minirt.gz 

mkdir temp 

mount -t ext2 -o loop minirt ./temp 


3 OH OH 


Now, if you look in the top-level directory of that mounted 
filesystem, you will see the linuxrc file. A lot of the script 
defines default settings, such as which filesystems are built in 
to Knoppix and the process Knoppix uses to mount them, but 
you also can see where Knoppix defines system-wide defaults 
and also allows you to override them. For instance, the follow- 
ing lines define the default Knoppix directory and cloop file 
and the ability to overwrite them via a cheat code: 


KNOPPIX_DIR="KNOPPIX" 

KNOPPIX_NAME="KNOPPIX" 

case "$CMDLINE" in *knoppix_dir=*) KNOPPIX_DIR="$knoppix_dir"; ;; esac 
case "$CMDLINE" in *knoppix_name=*) KNOPPIX_NAME="$knoppix_name"; ;; esac 


If you want to add some extra functions to the boot pro- 
cess, read through the script to identify where would be best. 
For instance, at some points of the script, the KNOPPIX cloop 
filesystem isn’t loaded yet, nor are many common modules. If 
you aren't sure where to add your changes, just add them to 
the end of the script before the comment #Give control to 
the init process. At that point, Knoppix should have major 
modules and filesystems loaded and mounted. 

Once you are finished with your tweaks, unmount the 
minirt filesystem and recompress it. Then, you can overwrite 
the default version with your custom edition: 


umount temp 
gzip -9 minirt 


These are only a few examples of how to remaster Knoppix 
without remastering. One of the great things about these meth- 
ods is that they are typically easy to try, so if you make a mistake, 
you can fix it quickly. Plus, most of these methods lend themselves 
well to migration from one Knoppix disc to the next for when the 
next version of Knoppix is released. Finally, because most of your 
custom tweaks can be self-contained, if you want to share them 
with friends, you simply can share your knoppix.sh and configs.tbz 
files, for instance, instead of an entire ISO image.m 


Kyle Rankin is a Senior Systems Administrator in the San Francisco Bay Area and the author of a 
number of books, including Knoppix Hacks and Ubuntu Hacks for O'Reilly Media. He is currently 
the president of the North Bay Linux Users’ Group. 
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Thin Clients Booting over 
a Wireless Bridge 


How quickly can thin clients boot over a wireless bridge, and how far apart can 
they really be? RONAN SKEHILL, ALAN DUNNE AND JOHN NELSON 


In the 1970s and 1980s, the ubiquitous model of corporate 
and academic computing was that of many users logging in 
remotely to a single server to use a sliver of its precious pro- 
cessing time. With the cost of semiconductors holding fast to 
Moore's Law in the subsequent decades, however, the next 
advances in computing saw desktop computing become the 
standard as it became more affordable. 

Although the technology behind thin clients is not revolu- 
tionary, their popularity has been on the increase recently. For 
many institutions that rely on older, donated hardware, thin- 
client networks are the only feasible way to provide users with 
access to relatively new software. Their use also has flourished 
in the corporate context. Thin-client networks provide cost- 
savings, ease network administration and pose fewer security 
implications when the time comes to dispose of them. Several 
computer manufacturers have leaped to stake their claim on 
this expanding market: Dell and HP Compaq, among others, 
now offer thin-client solutions to business clients. 

And, of course, thin clients have a large following of 
hobbyists and enthusiasts, who have used their size and 
flexibility to great effect in countless home-brew projects. 
Software projects, such as the Etherboot Project and the 
Linux Terminal Server Project, have large and active com- 
munities and provide excellent support to those looking to 
experiment with diskless workstations. 

Connecting the thin clients to a server always has been 
done using Ethernet; however, things are changing. Wireless 
technologies, such as Wi-Fi (IEEE 802.11), have evolved 
tremendously and now can start to provide an alternative 
means of connecting clients to servers. Furthermore, wireless 
equipment enjoys world-wide acceptance, and compatible 
products are readily available and very cheap. 

In this article, we give a short description of the setup of a 
thin-client network, as well as some of the tools we found to 
be useful in its operation and administration. We also describe 
a test scenario we set up, involving a thin-client network that 
spanned a wireless bridge. 


What Is a Thin Client? 

A thin client is a computer with no local hard drive, which 

loads its operating system at boot time from a boot server. It is 

designed to process data independently, but relies solely on its 

server for administration, applications and non-volatile storage. 
Following the client’s BIOS sequence, most machines with 

network-boot capability will initiate a Preboot EXecution 
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Figure 1. LTSP Traffic Profile and Boot Sequence 


Environment (PXE), which will pass system control to the local 
network adapter. Figure 1 illustrates the traffic profile of the 
boot process and the various different stages, which are num- 
bered 1 to 5. The network card broadcasts a DHCPDISCOVER 
packet with special flags set, indicating that the sender is try- 
ing to locate a valid boot server. A local PXE server will reply 
with a list of valid boot servers. The client then chooses a 
server, requests the name of the Linux kernel file from the 
server and initiates its transfer using Trivial File Transfer Protocol 
(TFTP; stage 1). The client then loads and executes the Linux 
kernel as normal (stage 2). A custom init program is then run, 
which searches for a network card and uses DHCP to identify 
itself on the network. Using Sun Microsystems’ Network File 
System (NFS), the thin client then mounts a directory tree 
located on the PXE server as its own root filesystem (stage 3). 
Once the client has a non-volatile root filesystem, it continues 
to load the rest of its operating system environment (stage 
4)—for example, it can mount a local filesystem and create a 
ramdisk to store local copies of temporary files. The fifth stage 
in the boot process is the initiation of the X Window System. 
This transfers the keystrokes from the thin client to the server 
to be processed. The server in return sends the graphical 
output to be displayed by the user interface system (usually 
KDE or GNOME) on the thin client. 

The X Display Manager Control Protocol (XDMCP) provides 
a layer of abstraction between the hardware in a system and 
the output shown to the user. This allows the user to be physi- 
cally removed from the hardware by, in this case, a Local Area 
Network. When the X Window System is run on the thin 
client, it contacts the PXE server. This means the user logs in to 
the thin client to get a session on the server. 

In conventional fat client environments, if a client opens a 
large file from a network server, it must be transferred to the 


client over the network. If the client saves the file, the file 
must be again transmitted over the network. In the case of 
wireless networks, where bandwidth is limited, fat-client net- 
works are highly inefficient. On the other hand, with a thin- 
client network, if the user modifies the large file, only mouse 
movement, keystrokes and screen updates are transmitted 
to and from the thin client. This is a highly efficient means, 
and other examples, such as ICA or NX, can consume as 
little as 5kbps bandwidth. This level of traffic is suitable for 
transmitting over wireless links. 


How to Set Up a Thin-Client Network with 
a Wireless Bridge 
One of the requirements for a thin client is that it has a 
PXE-bootable system. Normally, PXE is part of your network 
card BIOS, but if your card doesn’t support it, you can get 
an ISO image of Etherboot with PXE support from ROM-o- 
matic (see Resources). Looking at the server with, for 
example, ten clients, it should have plenty of hard disk 
space (100GB), plenty of RAM (at least 1GB) and a modern 
CPU (such as an AMD64 3200). 

The following is a five-step how-to guide on setting up an 
Edubuntu thin-client network over a fixed network. 

1. Prepare the server. In our network, we used the 
standard standalone configuration. From the command line: 


sudo apt-get install ltsp-server-standalone 


You may need to edit /etc/Itsp/dhcpd.conf if you change 
the default IP range for the clients. By default, it’s configured 
for a server at 192.168.0.1 serving PXE clients. 

Our network wasn’t behind a firewall, but if yours is, 
you need to open TFTP, NFS and DHCP. To do this, edit 
/etc/hosts.allow, and limit access for portmap, rpc.mountd, 
rpc.statd and in.tftpd to the local network: 


192.168.0.0/24 
192.168.0.0/24 
192.168.0.0/24 

192.168.0.0/24 


portmap: 
rpc.mountd: 
rpc.statd: 
in.tftpd: 


Restart all the services by executing the following 
commands: 


sudo invoke-rc.d nfs-kernel-server restart 
sudo invoke-rc.d nfs-common restart 


sudo invoke-rc.d portmap restart 


2. Build the client's runtime environment. While 
connected to the Internet, issue the command: 


sudo 1ltsp-build-client 


If you're not connected to the Internet and have Edubuntu 
on CD, use: 


sudo ltsp-build-client --mirror file:///cdrom 


Remember to copy sources.list from the server into 
the chroot. 

3. Configure your SSH keys. To configure your SSH 
server and keys, do the following: 


sudo apt-get install openssh-server 
sudo ltsp-update-sshkeys 


4. Start DHCP. You should now be ready to start your 
DHCP server: 


sudo invoke-rc.d dhcp3-server start 


If all is going well, you should be ready to start your 
thin client. 

5. Boot the thin client. Make sure the client is connected 
to the same network as your server. 

Power on the client, and if all goes well, you should see a 
nice XDMCP graphical login dialog. 

Once the thin-client network was up and running correctly, 
we added a wireless bridge into our network. In our network, 
a number of thin clients are located on a single hub, which is 
separated from the boot server by an IEEE 802.11 wireless 
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bridge. It’s not an unrealistic scenario; a situation such as this 
may arise in a corporate setting or university. For example, if 
a group of thin clients is located in a different or temporary 
building that does not have access to the main network, a 
simple and elegant solution would be to have a wireless link 
between the clients and the server. Here is a mini-guide on 
getting the bridge running so that the clients can boot over 
the bridge: 


™ Connect the server to the LAN port of the access point. 
Using this LAN connection, access the Web configura- 
tion interface of the access point, and configure it to 
broadcast an SSID on a unique channel. Ensure that it is in 
Infrastructure mode (not ad hoc mode). Save these settings 
and disconnect the server from the access point, leaving it 
powered on. 


@ Now, connect the server to the wireless node. Using its 
Web interface, connect to the wireless network advertised 
by the access point. Again, make sure the node connects 
to the access point in Infrastructure mode. 


§ Finally, connect the thin client to the access point. If there 
are several thin clients connected to a single hub, connect 
the access point to this hub. 


We found ad hoc mode unsuitable for two reasons. First, 
most wireless devices limit ad hoc connection speeds to 
11Mbps, which would put the network under severe strain to 
boot even one client. Second, while in ad hoc mode, the wire- 
less nodes we were using would assume the Media Access 
Control (MAC) address of the computer that last accessed its 
Web interface (using Ethernet) as its own Wireless LAN MAC. 
This made the nodes suitable for connecting a single computer 
to a wireless network, but not for bridging traffic destined to 
more than one machine. This detail was found only after much 
sleuthing and led to a range of sporadic and often unrepro- 
ducible errors in our system. 

The wireless devices will form an Open Systems 
Interconnection (OSI) layer 2 bridge between the server and 
the thin clients. In other words, all packets received by the 


Thin Clients 


Figure 2. Six thin clients are connected to a hub, and in turn, this is 
connected to wireless bridge device. On the other side of the bridge is 
the server. Both wireless devices are placed in the Azimuth chamber. 
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wireless devices on their Ethernet interfaces will be forwarded 
over the wireless network and retransmitted on the Ethernet 
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an Increasing Number of Thin Clients 
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Figure 4. The Effect of the Bridge Length on Thin-Client Boot Time 
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Figure 5. Boot Time in the Presence of Background Traffic 


adapter of the other wireless device. The bridge is transparent 
to both the clients and the server; neither has any knowledge 
that the bridge is in place. 

For administration of the thin clients and network, we used 
the Webmin program. Webmin comprises a Web front end 
and a number of CGI scripts, which directly update system 
configuration files. As it is Web-based, administration can be 
performed from any part of the network by simply using a 
Web browser to log in to the server. The graphical interface 
greatly simplifies tasks, such as adding and removing thin 
clients from the network or changing the location of the 
image file to be transferred at boot time. The alternative is to 
edit several configuration files by hand and restart all daemon 
programs manually. 


Evaluating the Performance of a Thin-Client 
Network 
The boot process of a thin client is network-intensive, but 
once the operating system has been transferred, there is 
little traffic between the client and the server. As the time 
required to boot a thin client is a good indicator of the 
overall usability of the network, this is the metric we used 
in all our tests. 

Our testbed consisted of a 3GHz 


an approximate distance between them. This gives us the 
repeatability, which is a rare thing in wireless LAN evalua- 
tion. A graphic representation of our testbed is shown in 
Figure 2. 

We tested the thin-client network extensively in three 
different scenarios: first, when multiple clients are booting 
simultaneously over the network; second, booting a single 
thin client over the network at varying distances, which are 
simulated by altering the attenuation introduced by the 
chamber; and third, booting a single client when there is 
heavy background network traffic between the server and 
the other clients on the network. 


Conclusion 

As shown in Figure 3, a wired network is much more suitable 
for a thin-client network. The main limiting factor in using an 
802.11g network is its lack of available bandwidth. Offering a 
maximum data rate of 54Mbps (and actual transfer speeds at 
less than half that), even an aging 100Mbps Ethernet easily 
outstrips 802.11g. When using an 802.11g bridge in a net- 
work such as this one, it is best to bear in mind its limitations. 
If your network contains multiple clients, try to stagger their 
boot procedures if possible. 


Pentium 4 with 1GB of RAM as the PXE 
server. We chose Edubuntu 5.10 for our 
server, as this (and all newer versions of 
Edubuntu) come with LTSP included. We 
used six identical thin clients: SOOMHz 
Pentium IIl machines with 512MB of 
RAM—plenty of processing power for 
our purposes. 

When performing our tests, it was 
important that the results obtained were 
free from any external influence. A large 
part of this was making sure that the 
wireless bridge was not affected by any 
other wireless networks, cordless phones 
operating at 2.4GHz, microwaves or any 
other sources of Radio Frequency (RF) 
interference. To this end, we used the 
Azimuth 301w Test Chamber to house 
the wireless devices (see Resources). This 
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ensures that any variations in boot times 
are caused by random variables within 
the system itself. 

The Azimuth is a test platform for 
system-level testing of 802.11 wireless 
networks. It holds two wireless devices 
(in our case, the devices making up 
our bridge) in separate chambers and 
provides an artificial medium between 
them, creating complete isolation 
from the external RF environment. The 
Azimuth can attenuate the medium 
between the wireless devices and can 
convert the attenuation in decibels to 
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Second, as shown in Figure 4, keep the bridge length 
to a minimum. With 802.11g technology, after a length 
of 25 meters, the boot time for a single client increases 
sharply, soon hitting the three-minute mark. Finally, our 
test shows, as illustrated in Figure 5, heavy background 
traffic (generated either by other clients booting or by 
external sources) also has a major influence on the clients’ 
boot processes in a wireless environment. As the back- 
ground traffic reaches 25% of our maximum throughput, 
the boot times begin to soar. Having pointed out the 
limitations with 802.11g, 802.11n is on the horizon, and 
it can offer data rates of 540Mbps, which means these 
limitations could soon cease to be an issue. 

In the meantime, we can recommend a couple ways to 


The boot process of a thin client 
is network-intensive, but once 
the operating system has been 
transferred, there Is little traffic 
between the client and the server. 


speed up the boot process. First, strip out the unneeded 
services from the thin clients. Second, fix the delay of NFS 
mounting in klibc, and also try to start LDM as early as 
possible in the boot process, which means running it as 
the first service in rc2.d. If you do not need system logs, 
you can remove syslogd completely from the thin-client 
startup. Finally, it’s worth remembering that after a client 
has fully booted, it requires very little bandwidth, and 
current wireless technology is more than capable of 
supporting a network of thin clients. 
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Resources 
Linux Terminal Server Project (LTSP): Itsp.sourceforge.net 


Ubuntu ThinClient How-To: https://help.ubuntu.com/ 
community/ThinClientHowto 


Azimuth WLAN Chamber: www.azimuth.net 
ROM-o-matic: rom-o-matic.net 

Etherboot: www.etherboot.org 

Wireshark: www.wireshark.org 

Webmin: www.webmin.com 


Edubuntu: www.edubuntu.org 


i=, 8-8 Tips for Using the cd (Change Directory) Command 


Invoking the cd utility by itself (that is, without any argu- 
ments) will change the current directory to the directory 
specified by the $HOME environment variable: 


nick@nimble ~ $ cd /tmp/ 
nick@nimble /tmp $ cd 
nick@nimble ~ $ 


Invoking the cd utility with a single hyphen (-) 
argument will return you to the previous directory 
you were in. 

If you accidentally issue a cd without any arguments, typing 
cd - is a convenient way of returning to the directory you 
came from—in essence functioning as an undo operation: 


nick@nimble ~/a/long/path/to/some/files $ cd 
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nick@nimble ~ $ cd - 
/home/nick/a/long/path/to/some/files $ 
nick@nimble ~/a/long/path/to/some/files $ 


Or, if you want to alternate between two directories, 
cd - makes this simple: 


nick@nimble ~/path/to/some/files $ cd ~/another/path/to/some/files/ 
nick@nimble ~/another/path/to/some/files $ cd - 
/home/nick/path/to/some/files 

nick@nimble ~/path/to/some/files $ cd - 
/home/nick/another/path/to/some/files 

nick@nimble ~/another/path/to/some/files $ 


—NICK GIANAKAS 
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The Bigger Switch 


An open-source angle on Nick Carr's latest book. Doc SEARLS 


I've always liked Nicholas Carr, even when 
| didn’t agree with him. He's a clear thinker, a 
solid writer, a fearless partisan for sanity and 
a member of nobody's cabal. His landmark 
2003 article, “IT Doesn't Matter”, was voted 
the best of that year by the staff of Harvard 
Business Review. In 2004, Nick expanded that 
article into the book Does IT Matter?. He fol- 
lowed in 2005 with “The End of Corporate 
Computing”, in MIT Sloan Management 
Review. As usual, few reviewers agreed with 
him. Including me. 

His main point: IT functions were turning 
into “commodity inputs” developed outside 

of IT organizations and becoming profoundly 
generic. He added that IT was declining in 
strategic importance within organizations, and 
instead was doomed to perform purely function- 
al roles. From the Preface to Does IT Matter?: 


IT's transformation from a set of propri- 
etary and heterogeneous systems into 
a shared and standardized infrastruc- 
ture is a natural, necessary, and healthy 
process. It is only by becoming an 
infrastructure—a common resource— 
that IT can deliver its greatest economic 
and social benefits. 


| didn’t see how much this thesis had in 
common with my own observations about 
open-source development until | read Nick's 
latest book, The Big Switch: Rewiring the 
World, from Edison to Google. In it, Nick stays 
on the supply side of technology, detailing the 
sources of IT’s—and everybody’s—commodity 
inputs from pure utility service providers: 
Google/YouTube, Amazon, Skype and 
Plentyoffish. He sees good and bad in the 
trends. For example, although he agrees with 
some observations in Lewis Hyde's classic The 
Gift: Imagination and the Erotic Life of Property 
and Yochai Benkler's more recent The Wealth 
of Networks, he also dismisses their optimism: 


..there’s a naiveté, or at least a short- 
sightedness, to these arguments as 
well. The utopian rhetoric ignores 

the fact that the market economy is 
rapidly subsuming the gift economy. 
The “gifts of time and ideas” are 
becoming inputs to the creation of 
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commodities...businesses are using 
the masses of Internet gift givers as a 
global pool of cut-rate labor. 


Yet, there is more to a gift economy 
than the charity implied by the g-word. As 
Eric S. Raymond put it in “Homesteading 
the Noosphere”: 


Abundance makes command rela- 
tionships difficult to sustain and 
exchange relationships an almost 
pointless game. In gift cultures, social 
status is determined not by what you 
control but by what you give away... 


This abundance creates a situation in 
which the only available measure of 
competitive success is reputation 
among one's peers. 


Eric’s essay appeared on the Web in 1998. 
At that time, the LAMP stack was still four let- 
ters long. Now that stack is a pile that exceeds 
a half-million code bases. Most of that code 
was produced originally for very practical reasons: 
to solve a problem, to add a capability, to get 
some work done—or, in hacker parlance, to 
“scratch an itch”. Those code bases are what 
organizations, including companies large and 
small, use to build countless new “solutions” 
and businesses. What they benefit from is less 
the value of gifting and peer esteem than the 
value of re-usability, which matters not only to 
hackers but also to anybody who wants to save 
money and time. 

Peer-built commodity code has given us 
re-usability out the wazoo. In fact, we have so 
much of it that the builder of anything techni- 
cal has to cope with a surfeit of free loose 
parts, as if sitting in a vast bin of Lego pieces, 
all seemingly from different sets—a little Star 
ighter here, a little Train Station there, a lot 
of who-knows-what—all of it useful, or it 
wouldn't have been made in the first place. 
It is usefulness that lies behind the cre- 
ation, expansion and ubiquitizing of what 
Nick calls the World Wide Computer. If it 
weren't for the LAMP heap, we would not 
have the scale of freeness and abundance 
required to scale up a Flickr, an Amazon Web 
Service or a Google Cloud Computer. 


fain 


Consistent with Nick’s prophesies, I've 
been hearing lately about troubles in IT-land. 
It seems that the gears where IT meets HR are 
stripped by the independence of what Peter 
Drucker prophetically called Knowledge 
Workers. It seems these workers are getting, 
and sharing, most of their knowledge through 
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commoditized external services outside of IT's 
control. | know one company where the inter- 
nal IT system is so locked-down and firewalled 
against usefulness that employees in one 
division are getting most of their work done 
on their own computers, with their own cell 
phones, using utility “social networking” 
services from Twitter and Facebook. 

There is ana tendency, of course, 
imagine utopian scenarios for the future of 
the Net. Being an natural optimist, | have 
gone overboard in that direction more than 
once—and have been called on it by Nick 
himself, repeatedly. What still gives me hope 
however, even after | discount my own opti- 
mism, is the almost brutally meritocratic and 
practical nature of open-source goods produc- 
tion, and the abundance of smart sources 
from which they come. 

| don’t see utopian ideals behind what 
Alvin Toffler called the Information Age (in The 
Third Wave, which came out in 1980). Rather, 
| see practical ones, modeled on the construc- 
tion industry, complete with “architects”, 
“designers” and “builders”. The difference is 
in the materials. In the physical world, we are 
bound by the laws of physics and the periodic 
table. In the networked world, we are bound by 
what the human mind can produce. We have 
no equivalents of rock and wood, because our 
raw materials are far less limited and far more 
abundant than both. This creates new problems 
and opportunities in equal profusion. 

But, for better and worse, the source is US. 
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Doc Searls is Senior Editor of Linux Journal. He is also a 
Visiting Scholar at the University of California at Santa Barbara 
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